New UEFI Malware Discovered With Russian Links

New UEFI Malware Discovered With Russian Links

The UEFI firmware on your system is perhaps some of the most important. A more modern take on the BIOS system (and sometimes named it just to avoid confusion) it is the initial programming necessary to ensure that when you push that on button on your PC, things happen.

In a report via itproportal, however, a new type of malware has been discovered that is reportedly capable of not just attacking the UEFI on your system, but embedding itself within it.

A Dangerous Threat

In the report, ESET, who are well known for their anti-virus work, has identified the new malware. Called ‘LoJax’, the malware is able to penetrate right into the root of your system. This would, in simple terms, mean that even re-installing your system wouldn’t remove it. As such, unlike traditional virus’, which can usually be removed, this would prove exceptionally difficult if not impossible. It’s unclear even whether a forced rollback of the UEFI firmware would remove it or not and in PC terms, that’s very drastic action.

Russian Origins

ESET has said that they believe that the malware originates from the Russian virus factory known as ‘Furry Bear’. A group that is believed to be state-sponsored and involved in various of the election tampering allegations. These include the US Presidential Campaign and the UK Brexit vote. In brief, people who spend all day cooking things like this up!

The malware is believed to have first been implemented in 2017. It has, however, only just been discovered. Worrying times!

What do you think? Are you concerned about more UEFI malware? What do you think the purpose of this is? – Let us know in the comments!