Advanced attackers, including the U.S. National Security Agency, have targeted firmware as a place to embed malware since it’s a great place to hide.
Since antivirus programs “are not scanning this layer, the compromise can fly under the radar,” wrote Francisco Santos, an IT security engineer with VirusTotal, in a blog post on Wednesday.