Question RAM or VRAM or other data storage can store data to a new HDD or SSD?

[Jakeprk]

Hi! I have a question.
It's possible to a malware be transferred by Ram or Gpu or BIOS to another HDD?, for ex: I change my HDD to other HDD without both connected at the same time, remove the first "possibly infected HDD" and shutdown, then add the new HDD, a malware can be transferred by BIOS, Ram or other source? In the case of a Fileless malware, or other type of virus.

And one more question, RAM, GPU VRAM, or other hardware than HDD or SSD, can store data and transfer to a new HDD? The same example above, some files can be stored and recovered on a new storage hardware?

Thanks!

 

[Sgt_Sykes]

TECHNICALLY, RAM is not wiped immediately so data remains in it for a little while after the computer is shut down.

However it's not long enough to survive a reboot and even if it was, applications don't have any way to access it because once OS starts booting, it will make a mess of any data that might remain in memory (in fact initializing the RAM at boot probably wipes it anyway).

The only way to get data out of RAM sticks is to remove them, keep them frozen and then use all sorts of hardware magic to maybe read some bits and pieces. It's possible in theory but unless you have something mega secret on your computer, nobody will do that.

VRAM I'm not sure but I'm guessing it's the same, plus it would be even more difficult to get anything out of it since the protocols aren't as open as when it comes to regular RAM, plus they are soldered onto the video card board.

Are ther ways to infect a computer in a way that the infection would remain after a HDD swap? In theory, yes - not really in RAM, but in all kinds of firmwares included in the computer: BIOS, video card BIOS, USB controller firmware (I believe such an attack was demonstrated already) but again unless you're some secret agent targeted by such attacks, it's pretty unlikely you'd need to worry.

 

[mdd1963]

short of CIA/GRU/Mossad involvement in infecting your BIOS with some of the most sophisticated malware on earth, if you swap hard drives, you are clear....to start from scratch, delete partition if one exists on possibly used replacement drive or quick format a new drive, full install of an OS... (Naturally, however, you can't just bring a drive from some other dissimilar system, plug it in, and expect to boot right up an operate from it..)

Of course, and of several potential hardware issues could prevent success with even a new drive of course.....(problems with PSU, MB, RAM, CPU/cpu cooling, intermittent shorts in chassis wiring, SATA cabling, etc...)

 

[popatim]

If you feel you have a bios virus then flash the bios to it, even if you already have the most recent one installed.
UEFI has dedicated space for storing & running files, google for lenovo's service engine spyware that they intentionally added to their bioses. Hopefully whatever virus you have, didn't come from the manufacturer.