SMM rootkits: a new breed of OS independent malware

  title={SMM rootkits: a new breed of OS independent malware},
  author={S. Embleton and S. Sparks and C. Zou},
The emergence of hardware virtualization technology has led to the development of OS independent malware such as the Virtual Machine based rootkits (VMBRs. [...] Key Result These features make it a potentially attractive home for stealthy rootkits. In this paper, we present our development of a proof of concept SMM rootkit. In it, we explore the potential of System Management Mode for malicious use by implementing a chipset level keylogger and a network backdoor capable of directly interacting with the network…Expand
The SMM Rootkit Revisited: Fun with USB
SPECTRE: A dependable introspection framework via System Management Mode
HyperCheck: A Hardware-AssistedIntegrity Monitor
HyperCheck: A Hardware-AssistedIntegrity Monitor
Using Hardware Features for Increased Debugging Transparency
Towards Transparent Debugging
Back to Static Analysis for Kernel-Level Rootkit Detection
SMM Revolutions
  • W. A. R. Souza, A. Tomlinson
  • Computer Science
  • 2015 IEEE 17th International Conference on High Performance Computing and Communications, 2015 IEEE 7th International Symposium on Cyberspace Safety and Security, and 2015 IEEE 12th International Conference on Embedded Software and Systems
  • 2015


VICE – Catch the Hookers
  • Presented at Black Hat USA. Aug
  • 2004