The TrickBot malware botnet operators have added new features. It allows them to communicate with the UEFI or BIOS firmware of an infected system. The latest liability was identified inside the new TrickBot module. It was first observed in the wild at October end. The liability was discovered and announced by Advanced Intelligence and Eclypsium.
Researchers are worried due to the liability as the botnet can establish persistent footholds that allow the malware to survive the operating reinstallation in the infected systems continually. The malware has the capability and code to write, read, and erase firmware as well.
Source: https://www.zdnet.com/article/new-trickbot-version-can-tamper-with-uefibios-firmware/
