Seagate and Western Digital have had a busy couple of weeks fielding questions and concerns about NSA backdoors being planted in their hard drive firmware. While both manufacturers assert that they had not knowingly provided access to their firmware, in reality anyone could gain access to it by stealing it. Once your drive is infected, though, it appears the only way to get rid of the malware, at least for now, is to physically destroy the drive, according to Kaspersky Lab.
In their report, they point out that the spying tools, created by a group called “Equation”, have very similar capabilities to the ones that the NSA has been using to spy on Iran, Pakistan, Afghanistan, India and China. The software is extremely complex and very discreet. It can be deployed using a number of Trojans and tools, and can use two variations of the Stuxnet worm to infect both PC and Mac systems.
This hard drive malware can hit drives from Seagate Technology, Western Digital, Hitachi, Samsung and Toshiba, so in reality no one is safe. While the issue seems to primarily affect platter-based drives, it’s likely that variations work the same way on SSDs.
The scary part is that after the malware has infected your system, it reprograms the firmware on your drive and creates hidden partitions that you can’t erase by formatting, making it impossible to remove. So the only way to get rid of it is to kill the drive, and all the data on it.
Source: Tech Times