First UEFI rootkit spotted in the wild!

"THE FANCY BEAR hacking group has plenty of tools at its disposal, as evidenced by its attacks against the Democratic National Committee, the Pyeongchang Olympics, and plenty more. But cybersecurity firm ESET appears to have caught the elite Russian team using a technique so advanced, it hadn’t ever been seen in the wild until now.

ESET found what’s known as a UEFI rootkit, which is a way to gain persistent access to a computer that’s hard to detect and even harder to clean up, on an unidentified victim’s machine. The technique isn’t unheard of; researchers have explored proofs of concept in the past, and leaked files have indicated that both the CIA and the independent exploit-focused company Hacking Team have had the capability. But evidence that it has happened, in the form of malware called LoJax, represents a significant escalation in the Fancy Bear—which ESET calls Sednit—toolkit."

Rest here: wired.com/story/fancy-bear-hackers-uefi-rootkit/

>2k18
>not coding your own legacy bootloader for MBR and flashing it in your motherboard's ROM
lmao'ing @ your life

wait, how the fuck can you put a rootkit in a UEFI? Isn't it stored in read-only memory?

BIOS viruses existed, so why would it be any different for UEFI? Was it supposed to be that much more secure?

why are slavs so based

>firmware not written in ROM
It's like you WANT to be hacked

Maybe I'm a brainlet, but how come this is such a new thing? Rootkits have been a thing for ages, and UEFI has a much bigger attack area than BIOS.

yeah but does it let me flash an older bios on asus boards
the chinks actually prevent you from flashing old shit

nothing is ever ROM

>what are punch cards