Subject: Re: UEFI rootkit in the wild detected
From: Guest
Newsgroups: rocksolid.shared.security
Organization: Dancing elephants
Date: Thu, 27 Sep 2018 21:22 UTC
References: 1
Message-ID: <pojhnb$21j$1@def3.retrobbs.com>
References: <pojf9d$aa$1@def3.retrobbs.com>
UEFI rootkit in the wild detected Thu, 27 September 2018 17:01
Guest
Now this is really cool technology: due to the fact that it is located in the BIOS, it survives a new installation, or even the exchange of the hard disk.
OK, the technology is not so new, but this is the first time something like this has been detected in the wild. Powerful stuff...
This one is for Windows, but the method should work regardless of the OS, because it simply injects itself in the system before it starts. Nice...

Didn't know if this should be posted to security or hacking. Aren't they one and the same? It just depends on which end you look from.

Here is the clearnet link to the whitepaper:

https://www.welivesecurity.com/wp-content/uploads/2018/09/ESET-LoJax.pdf


BUMP
Posted on: def3.i2p

