System Compromised by Malware; BIOS, UEFI, and SPI region may be compromised.

I have been dealing with this problem since the end of April; Unfortunately we were not aware of the firmware vulnerabilities that were announced in 2017/2018. We sent two desktop PCs and a Laptop to the local Tech to be repaired. I have not sent my PC to the Tech, and it has highest degree of maladies. It will no longer boot Windows OS, the SSD and HDD (before I removed them) were reformatted, partitioned, and Write Protected by the System. I attempted to use an external HDD and USB drive to boot both Windows, and Ubuntu; When the storage devices are connected, the System will format, partition, and copy encrypted files to the drives. I have been manually logging information from the UEFI Shell environment; The Shell has very little privilege, and the Environment Modules and File system are locked up behind RW protection. I enabled the Admin password on the BIOS UI, thinking that I would have some type of control over the System. Four days after enabling the password, it was modified and I could not access the BIOS UI. Fortunately the motherboard has dual BIOS option and I am able to boot into BIOS 2. I have removed the CMOS battery, and used the CMOS reset button, but it did not seem to help anything. I have not modified the motherboard other than battery removal and replacement, the RW protection measures are still in place. 

Comments are closed.