LightEater Demo: Infecting a HP BIOS with physical access





Rating is available when the video has been rented.
This feature is not available right now. Please try again later.
Published on Apr 14, 2015

In this video we infect an HP EliteBook 2540p BIOS via physical access.

We insert a "LightEater" backdoor, that is capable of exfiltrating data via the Intel Serial Over LAN (SOL) capability that comes with most vPro systems.

The basic point is that attacks by people who have temporary physical access to a system can be done simply with commercial tools. No de-soldering or other high-skill or highly invasive detectable proceedures are necessary. Having the BIOS easily accessible is good for recovering from BIOS-wiping attacks, but it can also work to attackers' advantage.

The LightEater malware could do any attack, we just chose to show these particular capabilities on this particular system in this video. See our other videos for other LightEater demonstrations.

For more about BIOS/SMM vulnerabilities/malware, and how to detect them, go to :


When autoplay is enabled, a suggested video will automatically play next.

Up next

to add this to Watch Later

Add to

Loading playlists...