firmware malware: DVD; ?motherboard?

Tony White tony at
Thu Dec 24 13:02:54 AEDT 2015

Hi all,
   This may be a little off topic but it might be illuminating
if you have not seen it before.

best wishes
   Tony White

On 24/12/2015 12:08, Russell Coker via luv-main wrote:
> On Thu, 24 Dec 2015 01:26:53 AM Douglas Ray via luv-main wrote:
>> We have a PC with firmware malware on - at least - both DVDs.
> Do you have a reference for DVD firmware malware?
>> I don't know if it's worth recovering the system, but I definitely
>> want to find diagnostics for identifying infections and vectors
>> on the rest of the LAN.
>> Booting a DVD live-image of ubuntu, invocations of
>> firefox are intercepted and come up as "JON recovery system"
>> or some such. The attack vector may have been the old XP
>> system on the harddrive, but equally it may have been one
>> of the ubuntu images.
> A google search on "JON recovery system" gives results about corrupted routers
> from D-Link.  Apparently if your firmware is corrupted in such a router it will
> give you a "JON recovery system" web page to allow you to fix things.
> Why would someone go to the immense effort of creating malware that can either
> intercept filesystem access to give a different version of the application files
> or modify the OS kernel to change the application in memory and then do
> something obvious like give a bogus web site?
> Are you sure your dlink router isn't broken?

More information about the luv-main mailing list