Reinstalling Windows and changing hard drives won’t save you from a new virus

New malware from the Fancy Bear hacker group has come to light: a rootkit embedded in the UEFI subsystem firmware. Experts from the antivirus company ESET described a new generation of malware from a serious hacker group. What sets the virus apart is that it is embedded in the UEFI subsystem (the BIOS replacement) and can survive a reinstallation of the OS and even a change of hard disk.

Security experts have long considered a rootkit embedded in UEFI to be possible, but in reality no one had come across such malware. Now, according to the ESET report, such a virus is being used by the Fancy Bear hacker group, which many media outlets link directly to the Russian special services.

The LoJax virus is used to install spyware and is itself a modification of the LoJack program. LoJack was created to track the location of a computer and manage it remotely, and such a tool is “sewn” directly into UEFI. This is relevant for industrial computers holding secret data.

The virus built into UEFI works by installing additional software into the operating system environment. It is so small and well disguised that antivirus software practically does not detect it.

Some malicious versions of LoJack have been detected on computers in Europe, but how this software is delivered to machines remains a mystery for now. The main activity of the virus is to collect data about the computer and install additional malicious modules.

It is still possible to protect against such an “infection”. It is enough to boot the system in Secure Boot mode: in this mode all UEFI components are checked, and LoJax has no digital signature, so it will not go unnoticed.
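To confirm that Secure Boot is actually on, the firmware's own variables can be read. The following is an added example, not code from ESET or from this article; it assumes the machine is booted into a Linux environment (for example a live USB) where the standard UEFI global variables `SecureBoot` and `SetupMode` are exposed under efivarfs, and the sample byte strings are constructed.

```python
import struct
from pathlib import Path

# Vendor GUID of the UEFI global variables (from the UEFI specification).
EFI_GLOBAL = "8be4df61-93ca-11d2-aa0d-00e098032b8c"
EFIVARS = Path("/sys/firmware/efi/efivars")


def parse_efivar_u8(raw: bytes) -> int:
    """An efivarfs file is a 4-byte little-endian attribute word + the data."""
    if len(raw) < 5:
        raise ValueError("efivar too short: %d bytes" % len(raw))
    struct.unpack_from("<I", raw, 0)  # attribute word, not needed for the verdict
    return raw[4]


def secure_boot_state(read_var) -> str:
    """read_var(name) returns the raw efivarfs bytes, or None if absent."""
    sb = read_var("SecureBoot")
    if sb is None:
        return "unsupported"   # legacy BIOS boot, or firmware lacks the variable
    if parse_efivar_u8(sb) != 1:
        return "disabled"
    setup = read_var("SetupMode")
    if setup is not None and parse_efivar_u8(setup) == 1:
        return "setup-mode"    # conservative: no Platform Key, treat as not enforcing
    return "enforcing"


def read_live(name: str):
    """Read one global variable from this machine; None if it cannot be read."""
    try:
        return (EFIVARS / f"{name}-{EFI_GLOBAL}").read_bytes()
    except OSError:
        return None


# Constructed samples: attributes 0x06 (boot-service | runtime) + one data byte.
SAMPLE_ON = {"SecureBoot": b"\x06\x00\x00\x00\x01",
             "SetupMode": b"\x06\x00\x00\x00\x00"}
SAMPLE_OFF = {"SecureBoot": b"\x06\x00\x00\x00\x00",
              "SetupMode": b"\x06\x00\x00\x00\x00"}

if __name__ == "__main__":
    print("sample (on): ", secure_boot_state(SAMPLE_ON.get))
    print("sample (off):", secure_boot_state(SAMPLE_OFF.get))
    print("this machine:", secure_boot_state(read_live))
```

On Windows itself, the `Confirm-SecureBootUEFI` PowerShell cmdlet (run as administrator) reports the same setting.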
