Is it possible to detect and remove rootkits such as Especter and Lojax when the sysrescuedisk and anti rootkit programs are unable to detect?

Rank: Newcomer
Group: Guests

June 14, 2022

Is there a way to detect and remove rootkits such as Especter and Lojax when the sysrescuedisk and anti rootkit programs are unable to detect?

and when the bootloader doesn't allow boot from usb?

Marcos · June 14, 2022

ESET detects even in UEFI if you install it. SysRescue doesn't scan UEFI.

itman · June 14, 2022

If you're referring to the Spectre rootkit, the POC is here: https://github.com/D4stiny/spectre .

I haven't found any documented cases where it has been deployed anywhere though.

Recommended Posts