
ESET discovers BlackLotus malware: the first UEFI bootkit to bypass Secure Boot on Win11

2025-04-04 Update From: SLTechnology News&Howtos

Shulou (Shulou.com) 11/24 Report

CTOnews.com, March 2: Security researchers at ESET recently discovered malware that hijacks UEFI and named it BlackLotus. It is considered the first UEFI bootkit that can bypass Secure Boot on Win11 systems.

Once a device is infected, security features such as Defender, BitLocker, and HVCI are disabled on the Win11 system. The malware, which dates back to October 2022, was sold on hacker forums for $5000.

BlackLotus exploits a security vulnerability that has existed for more than a year (CVE-2022-21894) to bypass UEFI Secure Boot and permanently embed itself in the computer.

Microsoft released an update in January 2022 to fix this vulnerability, but attackers can still exploit it because the affected, validly signed binaries have not yet been added to the UEFI revocation list.

BlackLotus can disable operating system security mechanisms such as BitLocker, HVCI, and Windows Defender. After installation, the main goal of the malware is to install a kernel driver (which, among other things, guards against removal) and an HTTP downloader.
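The gap described above can be audited from the defender's side: Secure Boot rejects a signed boot binary only if its digest (or signing certificate) is in the revocation list variable, dbx. The following is an added example, not code from ESET or the article; it parses the UEFI `EFI_SIGNATURE_LIST` format and checks whether a digest is revoked. The sample dbx blob and both digests are constructed, and the helper names are hypothetical.

```python
import hashlib
import struct
import uuid

# Signature type GUIDs defined by the UEFI specification.
EFI_CERT_SHA256 = uuid.UUID("c1c41626-504c-4092-aca9-41f936934328")
EFI_CERT_X509 = uuid.UUID("a5c059a1-94e4-4aa7-87b5-ab155c2bf072")

def dbx_sha256_entries(blob):
    """Return the SHA-256 digests (hex) in a dbx blob.

    blob is a concatenation of EFI_SIGNATURE_LIST structures. When read
    from Linux efivarfs, strip the 4-byte attribute prefix first.
    """
    digests, off = set(), 0
    while off + 28 <= len(blob):
        sig_type = uuid.UUID(bytes_le=blob[off:off + 16])
        list_size, hdr_size, sig_size = struct.unpack_from("<III", blob, off + 16)
        if list_size < 28 or off + list_size > len(blob):
            raise ValueError("truncated or corrupt EFI_SIGNATURE_LIST")
        pos, end = off + 28 + hdr_size, off + list_size
        # Each EFI_SIGNATURE_DATA is a 16-byte owner GUID plus the payload.
        if sig_type == EFI_CERT_SHA256 and sig_size == 48:
            while pos + sig_size <= end:
                digests.add(blob[pos + 16:pos + 48].hex())
                pos += sig_size
        off = end  # other list types (e.g. X.509) are skipped
    return digests

def is_revoked(digest_hex, blob):
    """True if the digest appears in dbx. Real dbx entries are Authenticode
    (PE image) digests, not plain SHA-256 hashes of the file."""
    return digest_hex.lower() in dbx_sha256_entries(blob)

def make_list(sig_type, payloads):
    """Build one EFI_SIGNATURE_LIST (constructed test data only)."""
    body = b"".join(bytes(16) + p for p in payloads)
    sizes = struct.pack("<III", 28 + len(body), 0, 16 + len(payloads[0]))
    return sig_type.bytes_le + sizes + body

# Constructed stand-ins: one digest already revoked, one for a binary that
# is still validly signed and absent from dbx (the situation in the article).
REVOKED = hashlib.sha256(b"constructed: revoked boot binary").digest()
NOT_LISTED = hashlib.sha256(b"constructed: unrevoked boot binary").digest()
SAMPLE_DBX = make_list(EFI_CERT_X509, [b"\x30" * 40]) + make_list(EFI_CERT_SHA256, [REVOKED])

if __name__ == "__main__":
    for name, d in (("revoked", REVOKED), ("not listed", NOT_LISTED)):
        print(name, is_revoked(d.hex(), SAMPLE_DBX))
```

A digest that returns `False` here is one the firmware will still accept if the binary carries a valid signature, which is why patching alone did not close the bypass.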

CTOnews.com attaches the original report: BlackLotus UEFI bootkit: Myth confirmed
