When a computer is infested with malware and nothing else helps, you simply reinstall the system from scratch, and the malware is gone. This simple rule no longer applies in times of ever more complex cyber weapons. With Lojax, the virus hunters at Eset have now found a UEFI rootkit in the wild for the first time. This particularly nasty piece of malware nests so deep in the computer that not even a new hard drive fixes the problem.
Lojax attacks a part of the computer that is loaded before the operating system: the so-called UEFI, a modern version of the BIOS. It exploits a weak point in Lojack, a UEFI program actually intended for theft detection, hence the name Lojax.
Once loaded by the UEFI, the malware then opens the door for further attack programs, Eset said in a blog post. Because the UEFI is loaded before the system starts, Lojax cannot be removed by reinstalling the system or replacing the hard drive. The only remaining option is to replace the motherboard or the whole computer.
Who are the hackers behind it?
That secret services like the NSA or technically advanced criminals have such tools in their repertoire has been known for some time. Now one has been discovered in action for the first time. And according to Eset, a government hacking group is very likely behind it. The hacker group Fancy Bear, also known as the Sednit Group or APT28, is attributed to the Russian intelligence service, the FSB, and was behind the attack on the network of the Bundestag.
Lojax, too, appears to be aimed at government targets. The security researchers say they found the program on a number of computers belonging to government organizations in the Balkans and in Central and Eastern Europe. Since these all appear to be targeted attacks, the risk of normal consumers being infected by Lojax is likely almost zero. However, with the NSA's attack tools it also took only a few years until they found their way onto the darknet and into the hands of conventional criminals. It is quite possible that UEFI attacks will soon reach private computers as well.