As Unified Extensible Firmware Interface (UEFI) replaced legacy BIOS as the leading technology embedded into chips of modern computers and devices, it became vital to the security of the pre-OS environment and to the loading of the operating system. It’s no surprise that such a widespread technology represents a tempting target for threat actors in their search for ultimate persistence.
The latest malware found to be targeting UEFI is ESPecter, a bootkit that persists in the form of a patched Windows Boot Manager as an ESP implant. It is only the second-ever found malware of this sort, identified on a compromised device “accompanied” by a keylogging and data-stealing component.
Listen to the latest episode of ESET Research podcast where ESET Distinguished Researcher Aryeh Goretsky interviews ESET Malware Researcher Martin Smolár and ESET Director of Threat Research Jean-Ian Boutin about ESPecter, Lojax, and other threats targeting UEFI.
If you enjoyed listening to the discussion, subscribe to the ESET Research podcast on any of the popular podcast platforms including Spotify, Google Podcasts, Apple Podcasts, and PodBean.