ESET experts describe how they trained a machine-learning model to recognize a handful of unwanted UEFI components within a flood of millions of harmless samples. UEFI (Unified Extensible Firmware Interface) security has been a hot topic for the past few years, but, due to various limitations, very little UEFI-based malware has been found in the … More Needles in a haystack: Picking unwanted UEFI components out of millions of samples
Did you know the world saw the first known attack on UEFI last year? Find out more about what it means for your business Everyone is familiar with the concept that attackers can launch malicious attacks through email, windows or other software that runs on our laptops; but how can the device itself be a … More What is an UEFI attack and how can it affect your computer?
ESET sheds light on commands used by the favorite backdoor of the Sednit group. What happens when a victim is compromised by a backdoor and the operator is controlling it? It’s a difficult question that is not possible to answer entirely by reverse engineering the code. In this article we will analyze commands sent by … More A journey to Zebrocy land
As the curtain slowly falls on yet another eventful year in cybersecurity, let’s look back on some of the finest malware analysis by ESET researchers in 2018. If you never got the chance to read this year’s investigations by ESET researchers into some of the most dangerous hacker shenanigans in recent years, or if you … More 2018: Research highlights from ESET’s leading lights
ESET researchers discovered the first-ever known cyberattack conducted via a UEFI rootkit. We sat down with Jean-Ian Boutin, ESET Senior Malware Researcher who led the research and asked a few questions to shed more light on his team’s discovery and its consequences. In your white paper, you claim to have discovered the first-ever UEFI rootkit in the … More Q&A with an ESET Malware Researcher – Cyberattack via UEFI rootkit
ESET researchers have shown that the Sednit operators used different components of the LoJax malware to target a few government organizations in the Balkans as well as in Central and Eastern Europe. UEFI rootkits are widely viewed as extremely dangerous tools for implementing cyberattacks, as they are hard to detect and able to survive security … More LoJax: First UEFI rootkit found in the wild, courtesy of the Sednit group