LightEater Demo: Infecting a HP BIOS with physical access – BONUS TRACK! – GSM FRP

In this video we infect an HP EliteBook 2540p BIOS via physical access.

We insert a “LightEater” backdoor, that is capable of exfiltrating data via the Intel Serial Over LAN (SOL) capability that comes with most vPro systems.

The basic point is that attacks by people who have temporary physical access to a system can be done simply with commercial tools. No de-soldering or other high-skill or highly invasive detectable proceedures are necessary. Having the BIOS easily accessible is good for recovering from BIOS-wiping attacks, but it can also work to attackers’ advantage.

The LightEater malware could do any attack, we just chose to show these particular capabilities on this particular system in this video. See our other videos for other LightEater demonstrations.

For more about BIOS/SMM vulnerabilities/malware, and how to detect them, go to :


Leave a Comment

Your email address will not be published.

Scroll to Top