CSOonline

Sophisticated UEFI rootkit of Chinese origin shows up again in the wild after 3 years

A sophisticated rootkit that’s able to insert itself into the lowest levels of Windows computers — the motherboard firmware — has been making victims since 2020 after disappearing from the radar for ...
TechSpot

BlackLotus, the new UEFI rootkit that makes security researchers worry

Why it matters: "BlackLotus" is being offered on underground forums as an all-powerful firmware rootkit, capable of surviving any removal effort and bypassing the most advanced Windows protections. If ...
Ars Technica

Researchers unpack unkillable UEFI rootkit that survives OS reinstalls

UEFI firmware images must be digitally signed, period. This will make this attack impossible. I'd say all downloadable/flashable firmware must be digitally signed. Click to expand... Aside from that ...
TechRepublic

New CosmicStrand rootkit targets Gigabyte and ASUS motherboards

Malware exists in different flavors. Most of the time, malware consists of malicious files stored in computers operating systems, just like any other file, and running as software with or without high ...
TechSpot

For years, some Gigabyte and Asus motherboards carried UEFI malware

In context: Security firm ESET discovered the first UEFI rootkit that had been used in the wild back in 2018. This type of persistent threat used to be the subject of theoretical discussions among ...
Dark Reading

Pernicious Rootkits Pose Growing Blight On Threat Landscape

In recent weeks, attackers have leveraged workarounds that let them sign malicious kernel drivers, dealing a multi-pronged threat to Windows systems, the Windows Hardware Quality Lab testing integrity ...
Ars Technica

Researchers unpack unkillable UEFI rootkit that survives OS reinstalls

Assuming you have a method of reflashing the firmware that doesn't involve using the compromised firmware itself - for example, the ASUS firmware on the system board of the computer I'm typing on can ...