LoJax: First UEFI rootkit found in the wild
Iatromantis ::
LoJax: First UEFI rootkit found in the wild, courtesy of the Sednit group
https://www.welivesecurity.com/2018/09/...
Our investigation has determined that this malicious actor was successful at least once in writing a malicious UEFI module into a system’s SPI flash memory. This module is able to drop and execute malware on disk during the boot process. This persistence method is particularly invasive as it will not only survive an OS reinstall, but also a hard disk replacement. Moreover, cleaning a system’s UEFI firmware means re-flashing it, an operation not commonly done and certainly not by the typical user.
Our research has shown that the Sednit operators used different components of the LoJax malware to target a few government organizations in the Balkans as well as in Central and Eastern Europe.
+ The Register:
https://www.theregister.co.uk/2018/09/2...