-{ Quote: "For years, hackers have focused on finding bugs in computer software that give them unauthorized access to computer systems, but now there's another way to break in: Hack the microprocessor.
On Tuesday, researchers at the University of Illinois at Urbana-Champaign demonstrated how they altered a computer chip to grant attackers back-door access to a computer. It would take a lot of work to make this attack succeed in the real world, but it would be virtually undetectable." }-
http://www.linuxsecurity.com/content/view/136180/169/

Doesn't altering a chip require physical access to the computer? This would require for a hacker to break into the premises and then alter the machine and then leave. As for the profit/penalty ratio, I would think that they would then target multimillion dollar corporate systems.

-{ Quote: "Doesn't altering a chip require physical access to the computer? This would require for a hacker to break into the premises and then alter the machine and then leave. As for the profit/penalty ratio, I would think that they would then target multimillion dollar corporate systems." }-
Original article (http://www.networkworld.com/news/2008/041508-malicious-microprocessor-opens-new-doors.html?page=2)
-{ Quote: "This would not be easy, King said, but there are a few possible scenarios. For example, a "mole" developer could add the code while working on the chip's design, or someone at a computer assembly plant could be paid off to install malicious chips instead of legitimate processors. Finally, an attacker could create a counterfeit version of a PC or a router that contained the malicious chip.

"This is not a script kiddie attack," he said. "It's going to require an entity with resources."

Though such a scenario may seem far-fetched, the U.S. Department of Defense (DoD) is taking the issue seriously. In a February 2005 report, the DoD's Defense Science Board warned of the very attack that the University of Illinois researchers have developed, saying that a shift toward offshore integrated circuit manufacturing could present a security problem.
" }-
As I understand it, they modified some gates in an FPGA (http://en.wikipedia.org/wiki/Field-programmable_gate_array).