Cybersecurity Researchers Spotted First-Ever UEFI Rootkit in the Wild

GlobalDots
1 Min read

Cybersecurity researchers at ESET have unveiled what they claim to be the first-ever UEFI rootkit being used in the wild, allowing hackers to implant persistent malware on the targeted computers that could survive a complete hard-drive wipe.

Reduce your AWS costs by over 50%

Discover your Cloud Saving Potential – Answer just 5 simple questions. AppsFlyer, Playtika, Lufthansa, IBM, top leading companies are already using our FinOps services.

Reduce your AWS costs by over 50%

Dubbed LoJax, the UEFI rootkit is part of a malware campaign conducted by the infamous Sednit group, also known as APT28, Fancy Bear, Strontium, and Sofacy, to target several government organizations in the Balkans as well as in Central and Eastern Europe.

According to the ESET researchers, the LoJax malware has the ability to write a malicious UEFI module into the system’s SPI flash memory, allowing BIOS firmware to install and execute malware deep inside the computer disk during the boot process.

Since LoJax rootkit resides in the compromised UEFI firmware and re-infects the system before the OS even boots, reinstalling the operating system, formatting the hard disk, or even replacing the hard drive with a new one would not be sufficient to clean the infection.

Flashing the compromised firmware with legitimate software is the only way to remove such rootkit malware, which typically is not a simple task for most computer users.

Read more: The Hacker News

Latest Articles

3 IT Infrastructure Costs Increasing in 2024:

As we navigate through the evolving landscape of IT infrastructure, a closer look at the cost trends for 2024 reveals significant shifts. From cloud expenses feeling the pressure of economic changes. With global cloud spending expected to hit over $1 trillion and various sectors facing unique challenges, staying informed is more crucial than ever.  Dive […]

Miguel Fersen Iberia & LATAM Regional Manager @ GlobalDots
26th February, 2024
Justt – IaC

Justt is a chargeback mitigation startup based in Tel Aviv. Chargebacks, as defined, are demands by a credit card provider for a retailer to reimburse losses on fraudulent or disputed transactions. Justt’s objective is to assist merchants worldwide in combating false chargebacks using its proprietary artificial intelligence technology.

GlobalDots
22nd February, 2024
8 FinOps Best Practices for Cutting Cloud Costs

The cloud used to be viewed as a place of significant cost savings: rather than purchasing and maintaining dozens of server stacks, organizations could outsource this and purchase compute power on an as-needed basis. In the ensuing rush to cloud architecture, however, many companies simply lifted-and-shifted their old financial bad habits. The sheer speed of […]

GlobalDots
22nd February, 2024

Unlock Your Cloud Potential

Schedule a call with our experts. Discover new technology and get recommendations to improve your performance.

Unlock Your Cloud Potential