ESET Flags Prototype UEFI Bootkit Targeting Linux

November 27, 2024 at 12:07PM ESET has identified a prototype UEFI bootkit, named Bootkitty, targeting specific Ubuntu Linux configurations, marking a shift from Windows-exclusive attacks. While still in development, Bootkitty aims to disable kernel signature verification, allowing unsigned modules to load. A related module, BCDropper, exhibits rootkit-like behavior. **Meeting Takeaways:** 1. **Discovery of UEFI Bootkit:** … Read more

First-ever UEFI bootkit for Linux in the works, experts say

November 27, 2024 at 10:36AM Security researchers have discovered “Bootkitty,” the first UEFI bootkit targeting Linux, specifically some Ubuntu releases. Although currently a proof of concept, its existence indicates a shift in UEFI threat dynamics, dispelling the notion that such threats are exclusive to Windows, and highlights the need for future preparedness. ### Meeting Takeaways … Read more

Researchers Discover “Bootkitty” – First UEFI Bootkit Targeting Linux Kernels

November 27, 2024 at 08:03AM Researchers have identified Bootkitty, the first UEFI bootkit designed for Linux systems, produced by BlackCat. As a proof-of-concept, it aims to disable kernel signature verification and preload unknown binaries. While not yet used in attacks, it signifies a shift in UEFI threats beyond Windows, highlighting future cybersecurity risks. ### Meeting … Read more

Glupteba Botnet Evades Detection with Undocumented UEFI Bootkit

February 13, 2024 at 09:39AM Glupteba, a sophisticated information stealer and backdoor, has incorporated an undocumented UEFI bootkit feature, enhancing its stealth and persistence. The malware is capable of illicit cryptocurrency mining, proxy deployment, and various malicious activities. Distributed through complex infection chains, Glupteba demonstrates modern cybercriminals’ innovation, collaboration, and adaptation to evade detection. Based … Read more