Login to account Create an account  


  • 1 Vote(s) - 5 Average
  • 1
  • 2
  • 3
  • 4
  • 5
The first UEFI bootkit for Linux
#2
Another associated story...

From ArsTecnica: Code found online exploits LogoFAIL to install Bootkitty Linux backdoor
Subtitled: Unearthed sample likely works against Linux devices from Acer, HP, Fujitsu, and Lenovo.

Researchers have discovered malicious code circulating in the wild that hijacks the earliest stage boot process of Linux devices by exploiting a year-old firmware vulnerability when it remains unpatched on affected models.

The critical vulnerability is one of a constellation of exploitable flaws discovered last year and given the name LogoFAIL. These exploits are able to override an industry-standard defense known as Secure Boot and execute malicious firmware early in the boot process. Until now, there were no public indications that LogoFAIL exploits were circulating in the wild.

The discovery of code downloaded from an Internet-connected web server changes all that. While there are no indications the public exploit is actively being used, it is reliable and polished enough to be production-ready and could pose a threat in the real world in the coming weeks or months.


The hits keep coming...
Reply



Messages In This Thread
The first UEFI bootkit for Linux - by Maxmars - 12-02-2024, 10:22 PM
RE: The first UEFI bootkit for Linux - by Maxmars - 12-02-2024, 10:26 PM
RE: The first UEFI bootkit for Linux - by Sirius - 12-03-2024, 01:15 AM

Possibly Related Threads…
Thread Author Replies Views Last Post
  Linux gaming pianopraze 44 1,433 09-05-2024, 11:11 AM
Last Post: pianopraze
  “Something has gone seriously wrong.” Linux/Windows dual boot. Maxmars 1 132 08-22-2024, 06:19 AM
Last Post: OneStepBack