8 matches found
Chinese Hackers Spotted Using New UEFI Firmware Implant in Targeted Attacks
A previously undocumented firmware implant deployed to maintain stealthy persistence as part of a targeted espionage campaign has been linked to the Chinese-speaking Winnti advanced persistent threat group APT41. Kaspersky, which codenamed the rootkit MoonBounce, characterized the malware as the...
Researchers Discover UEFI Bootkit Targeting Windows Computers Since 2012
Cybersecurity researchers on Tuesday revealed details of a previously undocumented UEFI Unified Extensible Firmware Interface bootkit that has been put to use by threat actors to backdoor Windows systems as early as 2012 by modifying a legitimate Windows Boot Manager binary to achieve persistence...
TrickBot Returns with a Vengeance, Sporting Rare Bootkit Functions
The TrickBot malware has morphed once again, this time implementing functionality designed to inspect the UEFI/BIOS firmware of targeted systems. It marks a serious resurgence following an October takedown of the malware’s infrastructure by Microsoft and others. The Windows Unified Extensible...
APT Groups Finding Success with Mix of Old and New Tools
Advanced persistent threat APT groups continue to use the fog of intense geopolitics to supercharge their campaigns, but beyond these themes, actors are developing individual signature tactics for success. That’s according to Kaspersky’s most recent APT trends report for Q3 2020, which found that...
UEFI malware named MosaicRegressor found on Diplomat computers
By Sudais Asif This UEFI based malware is the second of its kind ever known publicly. This is a post from HackRead.com Read the original post: UEFI malware named MosaicRegressor found on Diplomat computers...
New 'MosaicRegressor' UEFI Bootkit Malware Found Active in the Wild
Cybersecurity researchers have spotted a rare kind of potentially dangerous malware that targets a machine's booting process to drop persistent malware. The campaign involved the use of a compromised UEFI or Unified Extensible Firmware Interface containing a malicious implant, making it the secon...
Rare Bootkit Malware Targets North Korea-Linked Diplomats
A firmware bootkit has been spotted in the wild, targeting diplomats and members of non-governmental organizations NGOs from Africa, Asia and Europe. It has turned out to be part of a newly uncovered framework called MosaicRegressor. According to researchers from Kaspersky, code artifacts in some...
MosaicRegressor: Lurking in the Shadows of UEFI
Part II. Technical details PDF UEFI or Unified Extensible Firmware Interface has become a prominent technology that is embedded within designated chips on modern day computer systems. Replacing the legacy BIOS, it is typically used to facilitate the machines boot sequence and load the operating...