Is There a Rootkit in the Firmer?

There is an interesting report by iranian security company amd pardas that discusses a rootkit that they found in the wild affecting h p's ilo carts. Ilo short integrated lights out, is the hp solution that provides remote access two serversand allows things like power cycling and remote keyboard and a monior access. So most of the servers have something like this installed. While the malvety found here, they describe it as a wiper. It dos add additional modules to the firmer. And thus, according ereport, go through quite a bit ouf pain to make it difficult to actually flash a legitimate firmer on the device. If you are trying to upgrate your