The fact that security software made by Kaspersky Lab is not used by many American government agencies has made it more trusted by other governments, like those of Iran and Russia, whose systems are closely watched by United States intelligence agencies. That gives Kaspersky a front-row seat to America’s digital espionage operations.

Image Eugene Kaspersky Credit... Stephen McCarthy/Sportsfile for Web Summit

The firm’s researchers say that what makes these attacks particularly remarkable is their way of attacking the actual firmware of the computers. Only in rare cases are cybercriminals able to get into the actual guts of a machine.

Recovering from a cyberattack typically involves wiping the computer’s operating system and reinstalling software, or replacing a computer’s hard drive. But if the firmware becomes infected, security experts say, it can turn even the most sophisticated computer into a useless piece of metal.

In the past, security experts have warned about “the race to the bare metal” of a machine. As security around software has increased, criminals have looked for ways to infect the actual hardware of the machine. Firmware is about the closest to the bare metal you can get — a coveted position that allows the attacker not only to hide from antivirus products but also to reinfect a machine even if its hard drive is wiped.

“If the malware gets into the firmware, it is able to resurrect itself forever,” Costin Raiu, a Kaspersky threat researcher, said in the report. “It means that we are practically blind and cannot detect hard drives that have been infected with this malware.”

The possibility of such an attack is one that math researchers at the National Institute of Standards and Technology, a branch of the Commerce Department, have long cautioned about but have very rarely seen. In an interview last year, Andrew Regenscheid, a math researcher at the institute, warned that such attacks were extremely powerful. If the firmware becomes corrupted, Mr. Regenscheid said, “your computer won’t boot up and you can’t use it. You have to replace the computer to recover from that attack.”

That kind of attack also makes for a powerful encryption-cracking tool, Mr. Raiu noted, because it gives attackers the ability to capture a machine’s encryption password, store it in “an invisible area inside the computer’s hard drive” and unscramble a machine’s contents.