Coderman's taobios-v2.tar.bz2

Where is Coderman? DondeEsCoderman at
Mon Dec 31 13:11:27 PST 2018

Greetings, Cypherpunks!

A while back Coderman posted:
“Fwd: [tor-talk] How does one remove the NSA Virus off the BIOS Chip as described by Snowden in the ANT Program

it should be noted that BIOS exports contain device identifiers, like
HDD serials and so forth...

---------- Forwarded message ----------
On 11/21/15, Flipchan <flipchan at> wrote:

I would like to help in any way I can, I'm currently developing an anti virus and auditing multi platform program, so if u can find out/copy all the viruses the NSA have given you and send it I would love to help on detecting and protecting ppl from it :)

you say "find out, copy all" like it's so easy, *grin*

here's some fun for you:
$ sha256sum taobios-v2.tar.bz2

interesting details in both samples!
( L2 is config only PDoS via UEFI BIOS :)

This appears to reference a BIOS recovery exploit to launch malware in SMM. I am trying to find a copy of this malware directly, not just the VirusTotal reports. The domain appears to be taken over.

Checking for old versions in does not yield result -
After seeing CCC Camp presentation on Sednit UEFI malware -
- I am reminded of this.

Does anyone have it?