Malicious programs use Intel AMT to steal data and evade firewalls – Penetration Testing

The Microsoft security team reported a malicious program family that used the Intel Active Management Technology (AMT) Serial-over-LAN (SOL) interface as a file transfer tool.

AMT SOL is part of the Intel Management Engine (ME), runs a standalone operating system that works in the event of a host shutdown, and is widely criticized as a security risk or backdoor.

It is learned that unauthorized access via AMT will not be recorded by the host. When AMT is enabled, all network packets will be redirected to ME, then to AMT, bypassing the host operating system, using AMT SOL to steal data Will be installed by the host operating system firewall and security products found.

Microsoft will develop the malicious program hack organization called PLATINUM, it is considered a country’s network spy team, the main goal is the South China Sea near the Southeast Asian countries. PLATINUM active earliest no later than 2009, each year focused on a small number of targets to avoid exposure.

The post Malicious programs use Intel AMT to steal data and evade firewalls appeared first on Penetration Testing. http://ift.tt/2rYDqvb http://ift.tt/2aM8QhC

Anúncios

Deixe um comentário

Preencha os seus dados abaixo ou clique em um ícone para log in:

Logotipo do WordPress.com

Você está comentando utilizando sua conta WordPress.com. Sair / Alterar )

Imagem do Twitter

Você está comentando utilizando sua conta Twitter. Sair / Alterar )

Foto do Facebook

Você está comentando utilizando sua conta Facebook. Sair / Alterar )

Foto do Google+

Você está comentando utilizando sua conta Google+. Sair / Alterar )

Conectando a %s