74
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
this post was submitted on 09 Aug 2023
74 points (95.1% liked)
Piracy: ꜱᴀɪʟ ᴛʜᴇ ʜɪɢʜ ꜱᴇᴀꜱ
54420 readers
385 users here now
⚓ Dedicated to the discussion of digital piracy, including ethical problems and legal advancements.
Rules • Full Version
1. Posts must be related to the discussion of digital piracy
2. Don't request invites, trade, sell, or self-promote
3. Don't request or link to specific pirated titles, including DMs
4. Don't submit low-quality posts, be entitled, or harass others
Loot, Pillage, & Plunder
📜 c/Piracy Wiki (Community Edition):
💰 Please help cover server costs.
Ko-fi | Liberapay |
founded 1 year ago
MODERATORS
Trojans that install themselves into the MBR will just screw up your boot process on a UEFI system and vice versa. Also, if you don't use a default bootloader, you'll definitely notice something on a UEFI system if it tries to delete all other bootloaders.
On BIOS systems however, it gets a little tricky, since it just blindly reads the first few sectors, without respect to what you "set" as the default, so that Trojan could just add itself and move everything over a bit, and you can't tell. See the Michelangelo MBR virus. It wiped your drive on March 6 of any year.
On a UEFI system, the best it could do is replace the Microsoft bootloader, and that would trip Secure Boot, which is enabled by default. Even then you don't need to directly modify sectors or format your drive, you can just replace the bootloader.
Agreed it's rare. But it exists, Moon bounce, Mosaic regressor, so if you're trying to segment things you should just remove the drives and not worry about it.