» »

LoJax: First UEFI rootkit found in the wild

LoJax: First UEFI rootkit found in the wild

Iatromantis ::

LoJax: First UEFI rootkit found in the wild, courtesy of the Sednit group

https://www.welivesecurity.com/2018/09/...

Our investigation has determined that this malicious actor was successful at least once in writing a malicious UEFI module into a system’s SPI flash memory. This module is able to drop and execute malware on disk during the boot process. This persistence method is particularly invasive as it will not only survive an OS reinstall, but also a hard disk replacement. Moreover, cleaning a system’s UEFI firmware means re-flashing it, an operation not commonly done and certainly not by the typical user.

Our research has shown that the Sednit operators used different components of the LoJax malware to target a few government organizations in the Balkans as well as in Central and Eastern Europe.


+ The Register:

https://www.theregister.co.uk/2018/09/2...


Vredno ogleda ...

TemaSporočilaOglediZadnje sporočilo
TemaSporočilaOglediZadnje sporočilo
»

Odkritih 13 kritičnih ranljivosti AMD Ryzen in EPYC procesorjev (strani: 1 2 3 )

Oddelek: Novice / Procesorji
10813294 (6623) rdecaluc
»

Nam bosta UEFI varnostni zagon in Microsoft preprečila poganjanje alternativnih opera (strani: 1 2 3 4 5 )

Oddelek: Novice / Varnost
20229089 (20152) Icematxyz
»

Dobiček Microsofta nespremenjen, kupci čakajo na Windows 8

Oddelek: Novice / Rezultati
357678 (5951) Icematxyz
»

Nič popravkov za okužen Windows (strani: 1 2 )

Oddelek: Novice / Varnost
508953 (6794) Jst
»

Computer infected

Oddelek: Pomoč in nasveti
81196 (1007) boss-tech

Več podobnih tem