First UEFI Pest Discovered by Eset

September 28, 2018

Formatting your disk is not enough to remove the newly discovered rootkit from the computer!

ESET's security experts, the first UEFA rootkits they had found were announced . The damage that the researchers call LoJax is known as APT28, STRONTIUM, Sofacy and Fancy Bear, and aims to attack the Balkans, Central and Eastern European governments.

Free hosting: Enjoy one month of free hosting!

Security researchers say that the UEFI rootkit is equipped with tools to replace the victim's system firmware, so it is deeply integrated into the system. According to ESET, the rootkit is capable of malicious operation during bootup after writing the harmful UEFI module to the system's SPI flash drive.

RELATED NEWS Mate has leaked up to 20 brochures!

According to researchers, harmful, operating system, you reboot, even if you change the hard disk is alive. You can rewrite the UEFI firmware for malware, but according to ESET, this is not an easy task for everyone.

ESET says that the UEFI rootkit doesn't have the right signature, so any kind of attack will be plugged into the Secure Boot mechanism. Therefore, ESET recommends that you enable Secure Boot, which controls the signature of each component that the firmware installs.