Diplomats Attacked with Firmware Bootkit

An advanced persistent threat (APT) espionage campaign that uses a rare form of malware has been observed attacking diplomats and members of NGOs. 

The campaign, which relies on a firmware bootkit, was identified by Kaspersky researchers using the company's UEFI/BIOS scanning technology. The previously unknown malware was found in the Unified Extensible Firmware Interface (UEFI) firmware.

UEFI firmware is used in all modern computer devices and starts running before the operating system and all the programs installed in it. This, together with the fact that the firmware resides on a flash chip separate from a device's hard drive, makes the detection of any malware in UEFI firmware very difficult. 
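Because the implant lives on the SPI flash chip rather than on the disk, finding it means dumping the flash image and inspecting the firmware volumes it contains. The following is an added illustration, not Kaspersky's scanner or any code from the article: it walks a UEFI firmware volume, enumerates the DXE drivers stored in it, and reports any driver that is absent from or differs from a known-good vendor inventory. The firmware-volume and FFS header layouts follow the UEFI Platform Initialization specification; the GUIDs, driver bodies and baseline are constructed for the demo, and header checksums are neither set nor verified.

```python
import hashlib, struct, uuid
FFS_HDR = 24                 # sizeof(EFI_FFS_FILE_HEADER)
FV_FILETYPE_DRIVER = 0x07    # EFI_FV_FILETYPE_DRIVER: a DXE driver

def parse_fv(image, offset=0):
    # Walk one firmware volume: _FVH header at offset, then 8-byte aligned FFS files.
    if image[offset + 40:offset + 44] != b"_FVH":
        raise ValueError("no _FVH signature at %#x" % offset)
    fv_len, = struct.unpack_from("<Q", image, offset + 32)   # FvLength
    hdr_len, = struct.unpack_from("<H", image, offset + 48)  # HeaderLength
    pos, end = offset + hdr_len, offset + fv_len
    while pos + FFS_HDR <= end:
        hdr = image[pos:pos + FFS_HDR]
        if hdr == b"\xff" * FFS_HDR:                  # erased flash: no more files
            break
        size = int.from_bytes(hdr[20:23], "little")   # 24-bit size, header included
        if size < FFS_HDR or pos + size > end:
            raise ValueError("corrupt FFS header at %#x" % pos)
        yield uuid.UUID(bytes_le=hdr[:16]), hdr[18], image[pos + FFS_HDR:pos + size]
        pos = (pos + size + 7) & ~7

def audit_drivers(image, baseline):
    # Report DXE drivers missing from, or differing from, the vendor's known-good inventory.
    findings = []
    for guid, ftype, body in parse_fv(image):
        if ftype != FV_FILETYPE_DRIVER:
            continue
        expected = baseline.get(str(guid))
        if expected is None:
            findings.append(("UNEXPECTED_DRIVER", str(guid)))
        elif expected != hashlib.sha256(body).hexdigest():
            findings.append(("MODIFIED_DRIVER", str(guid)))
    return findings

def build_fv(files):
    # Constructed test image only: minimal 72-byte FV header plus FFS files (checksums not set).
    body = b""
    for guid, ftype, data in files:
        size = FFS_HDR + len(data)
        hdr = guid.bytes_le + b"\0\0" + bytes([ftype, 0]) + size.to_bytes(3, "little") + b"\xf8"
        body += (hdr + data).ljust((size + 7) & ~7, b"\xff")
    fv_len = 72 + len(body)
    fv_hdr = bytes(32) + struct.pack("<Q4sIHHHBBIIII", fv_len, b"_FVH", 0, 72, 0, 0, 0, 2, 1, fv_len, 0, 0)
    return fv_hdr + body

def demo_findings():
    good = uuid.UUID("11111111-2222-3333-4444-555555555555")   # constructed vendor driver GUID
    rogue = uuid.UUID("aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee")  # constructed unknown driver GUID
    image = build_fv([(good, FV_FILETYPE_DRIVER, b"vendor driver"), (rogue, FV_FILETYPE_DRIVER, b"added driver")])
    baseline = {str(good): hashlib.sha256(b"vendor driver").hexdigest()}
    return audit_drivers(image, baseline)
```

On a real dump the baseline would be built from the vendor's own firmware release for that platform, and a production scanner also validates header checksums and parses nested volumes and compressed sections.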

"If UEFI firmware is somehow modified to contain malicious code, that code will be launched before the operating system, making its activity potentially invisible to security solutions," said a Kaspersky spokesperson.

"The infection of the firmware essentially means that, regardless of how many times the operating system has been reinstalled, the malware planted by the bootkit will stay on the device."

Researchers said the UEFI bootkit used with the malware is a customized version of Hacking Team’s Vector-EDK bootkit, the source code for which was leaked in 2015. It is the first in-the-wild attack leveraging a custom-made UEFI bootkit. 

"Once software—be it a bootkit, malware or something else—is leaked, threat actors gain a significant advantage," said Igor Kuznetsov, principal security researcher at Kaspersky's GReAT.

"Freely available tools provide them with ..