ESET’s threat hunters are focusing their attention on a previously unknown UEFI bootkit that can use the EFI System Partition (ESP) to maintain persistence on infected Windows devices.
ESET’s discovery is the second real-world UEFI bootkit to be publicly disclosed in recent weeks, following Kaspersky’s report on a new Windows UEFI bootloader integrated into the FinSpy espionage spyware.
According to ESET researchers Martin Smolar and Anton Cherepanov, the malware has escaped detection for nearly a decade and was designed to load its own unsigned driver, bypassing Windows Driver Signature Enforcement.
To Read More: securityweek