dslreports logo
    All Forums Hot Topics Gallery


Search Topic:
share rss forum feed

Sunnyvale, CA
reply to SweetNoob

Re: Possible for malware to covertly hide on harddrive sector

There are definitely ways to hide malicious data on a harddisk but as has already correctly been stated, that hidden malicious code would do nothing unless there is something else executing it.

That hiding place wouldn't be inside a sector: the data portion of the sector is visible to the OS and other parts of it are not very useful to hide information (sync, AM, ECC, gap).

A smarter place to hide malware on a harddisk would be the flash memory containing the drive firmware which would escape detection by most common malware detection means and would allow the malicious code to be executed by the harddrives internal microcontroller. It would allow intercepting/modifying data written to or read from the drive.

There are plenty of difficulties in attempting to do something like that (and any such malware would work for just one specific harddrive model) but it is at least theoretically possible.
Got some spare cpu cycles ? Join Team Helix or Team Starfire!