ESET researchers have discovered a previously undocumented real-world UEFI bootkit that persists on the EFI System Partition (ESP). The bootkit, which ESET has named ESPecter, can bypass Windows Driver Signature Enforcement to load its own unsigned driver, which facilitates its espionage activities. ESPecter is the second discovery of a UEFI bootkit persisting on the ESP … More ESET Research discovers ESPecter, a bootkit for cyberespionage
ESET experts describe how they trained a machine-learning model to recognize a handful of unwanted UEFI components within a flood of millions of harmless samples. UEFI (Unified Extensible Firmware Interface) security has been a hot topic for the past few years, but, due to various limitations, very little UEFI-based malware has been found in the … More Needles in a haystack: Picking unwanted UEFI components out of millions of samples
Did you know the world saw the first known attack on UEFI last year? Find out more about what it means for your business Everyone is familiar with the concept that attackers can launch malicious attacks through email, windows or other software that runs on our laptops; but how can the device itself be a … More What is an UEFI attack and how can it affect your computer?
ESET sheds light on commands used by the favorite backdoor of the Sednit group. What happens when a victim is compromised by a backdoor and the operator is controlling it? It’s a difficult question that is not possible to answer entirely by reverse engineering the code. In this article we will analyze commands sent by … More A journey to Zebrocy land
As the curtain slowly falls on yet another eventful year in cybersecurity, let’s look back on some of the finest malware analysis by ESET researchers in 2018. If you never got the chance to read this year’s investigations by ESET researchers into some of the most dangerous hacker shenanigans in recent years, or if you … More 2018: Research highlights from ESET’s leading lights