UEFI Bootkit Detected in Cyber Espionage Campaign 

5
UEFI Bootkit Detected in Cyber Espionage Campaign

ESET’s threat hunters are focusing their attention on a previously unknown UEFI bootkit that can use the EFI System Partition (ESP) to maintain persistence on infected Windows devices.

ESET’s discovery is the second real-world UEFI bootkit to be publicly disclosed in recent weeks, following Kaspersky’s report on a new Windows UEFI bootloader integrated into the FinSpy espionage spyware software.

According to ESET researchers Martin Smolar and Anton Cherepanov, the malware has escaped detection for nearly a decade and was designed to load its own unsigned driver, bypassing Windows Driver Signature Enforcement.

To Read More: securityweek 

For more such updates follow us on Google News ITsecuritywire News.