Chinese hackers groups were observed to utilize the UEFI bootkit to download and install additional malware on victim devices. The UEFI firmware is an essential part of each device. It is present in the flash memory embedded in the motherboard and helps control all its hardware elements. The firmware also helps boot the real user-facing OS like MacOS, Windows, Linux, etc.
The hackers consider attacking UEFI firmware as the top tactic. This is because breaching and planting a nefarious code allows the malware to survive even OS reinstalls. Hacker groups rarely attempt this tactic as manipulating this element is very tough. They require either direct physical access to the system or compromise the victim using complicated supply chain attacks.