ESET Research discovers ESPecter, a bootkit for cyberespionage
ESET researchers have discovered a previously undocumented real-world UEFI bootkit that persists on the EFI System Partition (ESP). The bootkit, which ESET has named ESPecter, can bypass Windows Driver Signature Enforcement to load its own unsigned driver, which facilitates its espionage activities. ESPecter is the second discovery of a UEFI bootkit persisting on the ESP …
Needles in a haystack: Picking unwanted UEFI components out of millions of samples
ESET experts describe how they trained a machine-learning model to recognize a handful of unwanted UEFI components within a flood of millions of harmless samples. UEFI (Unified Extensible Firmware Interface) security has been a hot topic for the past few years, but, due to various limitations, very little UEFI-based malware has been found in the …
What is an UEFI attack and how can it affect your computer?
Did you know the world saw the first known attack on UEFI last year? Find out more about what it means for your business. Everyone is familiar with the concept that attackers can launch malicious attacks through email, Windows or other software that runs on our laptops; but how can the device itself be a …
2018: Research highlights from ESET’s leading lights
As the curtain slowly falls on yet another eventful year in cybersecurity, let’s look back on some of the finest malware analysis by ESET researchers in 2018. If you never got the chance to read this year’s investigations by ESET researchers into some of the most dangerous hacker shenanigans in recent years, or if you …
Q&A with an ESET Malware Researcher – Cyberattack via UEFI rootkit
ESET researchers discovered the first-ever known cyberattack conducted via a UEFI rootkit. We sat down with Jean-Ian Boutin, ESET Senior Malware Researcher, who led the research, and asked a few questions to shed more light on his team’s discovery and its consequences. In your white paper, you claim to have discovered the first-ever UEFI rootkit in the …