Russian(?) Sednit App Group deploys first UEFI rootkit

Forumite Members General Topics Tech Security Talk Russian(?) Sednit App Group deploys first UEFI rootkit

Viewing 2 posts - 1 through 2 (of 2 total)
  • Author
    Posts
  • September 28, 2018 at 9:39 am #26507
    Ed PEd P
    Participant
      @edps
      Forumite Points: 39

      Probably no need to panic yet unless you are a high profile target. The Sednit App Group have been identified by ESET as the group responsible for deploying the first widespread use of a UEFI rootkit. Their attack can be thwarted using ‘Secure Boot’.

      More info here.

      September 29, 2018 at 4:16 pm #26573
      Wheels-Of-FireWheels-Of-Fire
      Participant
        @grahamdearsley
        Forumite Points: 4

        Im surprised its taken this long. Without secure boot its relatively easy to write a replacement UEFI module and have it placed in your System partition. Rewriting your systems firmware is trick though.

      • Author
        Posts
      Viewing 2 posts - 1 through 2 (of 2 total)
      • You must be logged in to reply to this topic.