Needles in a haystack: Picking unwanted UEFI components out of millions of samples

ESET experts describe how they trained a machine-learning model to recognize a handful of unwanted UEFI components within a flood of millions of harmless samples. UEFI (Unified Extensible Firmware Interface) security has been a hot topic for the past few years, but, due to various limitations, very little UEFI-based malware has been found in the … More Needles in a haystack: Picking unwanted UEFI components out of millions of samples

What is an UEFI attack and how can it affect your computer?

Did you know the world saw the first known attack on UEFI last year? Find out more about what it means for your business Everyone is familiar with the concept that attackers can launch malicious attacks through email, windows or other software that runs on our laptops; but how can the device itself be a … More What is an UEFI attack and how can it affect your computer?

2018: Research highlights from ESET’s leading lights

As the curtain slowly falls on yet another eventful year in cybersecurity, let’s look back on some of the finest malware analysis by ESET researchers in 2018. If you never got the chance to read this year’s investigations by ESET researchers into some of the most dangerous hacker shenanigans in recent years, or if you … More 2018: Research highlights from ESET’s leading lights

Q&A with an ESET Malware Researcher – Cyberattack via UEFI rootkit

ESET researchers discovered the first-ever known cyberattack conducted via a UEFI rootkit. We sat down with Jean-Ian Boutin, ESET Senior Malware Researcher who led the research and asked a few questions to shed more light on his team’s discovery and its consequences. In your white paper, you claim to have discovered the first-ever UEFI rootkit in the … More Q&A with an ESET Malware Researcher – Cyberattack via UEFI rootkit

LoJax: First UEFI rootkit found in the wild, courtesy of the Sednit group

ESET researchers have shown that the Sednit operators used different components of the LoJax malware to target a few government organizations in the Balkans as well as in Central and Eastern Europe. UEFI rootkits are widely viewed as extremely dangerous tools for implementing cyberattacks, as they are hard to detect and able to survive security … More LoJax: First UEFI rootkit found in the wild, courtesy of the Sednit group

Fighting persistent malware with a UEFI scanner

The short answer to the headline’s question is that a UEFI scanner is all about helping you protect your computer against people who seek to take it over by abusing its Unified Extensible Firmware Interface (UEFI). A successful attack on a system’s UEFI can give the attacker complete control of that system, including persistence: the … More Fighting persistent malware with a UEFI scanner