Malware
BIOS Rootkit
Also known as: Legacy firmware rootkit
Definition
A rootkit that infects legacy BIOS firmware so it executes before the operating system, achieving deep persistence below the OS.
Examples
- Mebromi, an early BIOS rootkit that infected the system firmware to reinstall malware.
- Computrace-style anti-theft modules abused as a persistence mechanism.
Related terms
UEFI Rootkit
A rootkit implanted in UEFI firmware that loads before the OS, persists across disk wipes, and bypasses most endpoint security.
Firmware Malware
Malicious code that lives in device firmware — BIOS/UEFI, network cards, drives, or peripherals — surviving OS reinstalls and most endpoint defences.
Rootkit
Stealth malware that grants and hides privileged access to an operating system or device, evading detection by standard tools.
Bootkit
Malware that infects the boot process — MBR, VBR, or UEFI — to load before the operating system and obtain persistent, privileged control.
Stealth Malware
Malware specifically engineered to evade detection by users, security tools, and forensic investigators through hiding, mimicry, and anti-analysis tricks.
Supply Chain Attack
An attack that compromises a trusted third-party software, hardware, or service provider in order to reach its downstream customers.