Chapter 5. Crimeware in Firmware
Vittoria Colizza, Hao Hu, Steven Myers, Sid Stamm, Alex Tsow, and Alessandro Vespignani
Crimeware is traditionally thought of as running inside a personal computing device, such as a desktop or laptop. Of course, malicious code can, in principle, be executed on any type of device. This first part of this chapter considers the execution of malicious code in firmware, specifically the possibility that a home broadband router can be infected. Beyond just infecting a single router, it is entirely conceivable that the malicious code can propagate to other routers wirelessly. This propagation is considered in more detail in the second part of this chapter, where it is modeled as an epidemic.