Happy 2019, year of the UEFI infections

Subject: General Tech | January 2, 2019 - 02:54 PM |
Tagged: uefi, lojack, security, LoJax

Welcome to a new year and a new vulnerability which has the potential to ruin your day, even if you wipe your computer and start afresh.  Researchers have spotted a rootkit which installs itself in your motherboards UEFI using technology adopted from LoJack, which is properly used to access a stolen computer without the person who currently has it knowing about it. 

LoJax lives on your motherboard's SPI flash memory and the code silently executes on boot so it is hard to figure out if you have been infected at a glance.  If you are then the only way to remove it is to flash a BIOS which overwrites that specific area of flash ... or toss the motherboard out.  You can read a lot more about this over at Slashdot.

Untitled-design-3.jpg

"Researchers hunting cyber-espionage group Sednit (an APT also known as Sofacy, Fancy Bear and APT28) say they have discovered the first-ever instance of a rootkit targeting the Windows Unified Extensible Firmware Interface (UEFI) in successful attacks."

Here is some more Tech News from around the web:

Tech Talk

 

Source: Slashdot