Chipset malware

Kaspersky has a great detailed technical analysis on this issue here: https://securelist.com/moonbounce-the-dark-side-of-uefi-firmware/105468/. You prevent this stuff as noted at the end of the article:


Following previous predictions, we can now say that UEFI threats are gradually becoming a norm. With this in mind, vendors are taking more precautions to mitigate attacks like MoonBounce, for example by enabling Secure Boot by default. We assess that, in this ongoing arms race, attacks against UEFI will continue to proliferate, with attackers evolving and finding ways to exploit and bypass current security measures.

As a safety measure against this attack and similar ones, it is recommended to update the UEFI firmware regularly and verify that BootGuard, where applicable, is enabled. Likewise, enabling Trust Platform Modules, in case a corresponding hardware is supported on the machine, is also advisable. On top of all, a security product that has visibility into the firmware images should add an extra layer of security, alerting the user on a potential compromise if such occurs.

Eset scans the UEFI for known malware traces. It will inform you that such malware exists. It cannot remove the malware. That can only be done using the appropriate hardware method such as re-flashing the BIOS/UEFI.

Edited by itman
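
Added example, not part of the original post or of the Kaspersky article: one way to check two of the settings recommended above (Secure Boot and TPM) on a Linux host. It assumes the kernel exposes efivarfs at /sys/firmware/efi/efivars and the TPM under /sys/class/tpm/tpm0; the function names and the sample bytes are constructed for illustration, and BootGuard is not covered.

```python
import struct
from pathlib import Path

# EFI global-variable GUID defined by the UEFI specification
EFI_GLOBAL = "8be4df61-93ca-11d2-aa0d-00e098032b8c"
EFIVARS = Path("/sys/firmware/efi/efivars")  # assumed efivarfs mount point
TPM_DIR = Path("/sys/class/tpm/tpm0")        # assumed first TPM device
# Constructed sample: attribute mask 0x6 followed by the data byte 0x01
SAMPLE_ENABLED = bytes.fromhex("0600000001")


def parse_efivar(blob):
    """Split an efivarfs file into (attributes, data); 4-byte LE header."""
    if len(blob) < 4:
        raise ValueError("efivarfs blob shorter than its attribute header")
    (attrs,) = struct.unpack_from("<I", blob)
    return attrs, blob[4:]


def secure_boot_state(secure_boot, setup_mode):
    """Classify raw SecureBoot / SetupMode blobs (None = variable absent)."""
    if secure_boot is None:
        return "unsupported"   # legacy BIOS boot or variable not exposed
    sb = parse_efivar(secure_boot)[1]
    sm = parse_efivar(setup_mode)[1] if setup_mode is not None else b"\x00"
    if sm[:1] == b"\x01":
        return "setup-mode"    # no Platform Key enrolled, nothing is enforced
    return "enabled" if sb[:1] == b"\x01" else "disabled"


def read_var(name):
    """Return the raw efivarfs content of a global variable, or None."""
    path = EFIVARS / f"{name}-{EFI_GLOBAL}"
    return path.read_bytes() if path.exists() else None


def tpm_version():
    """Return the TPM major version as text, or None when no TPM is exposed."""
    f = TPM_DIR / "tpm_version_major"
    if f.exists():
        return f.read_text().strip()
    return "unknown" if TPM_DIR.exists() else None


if __name__ == "__main__":
    print("Sample blob:", secure_boot_state(SAMPLE_ENABLED, None))
    print("Secure Boot:", secure_boot_state(read_var("SecureBoot"), read_var("SetupMode")))
    print("TPM major version:", tpm_version() or "not present")
```

A result of "setup-mode" or "disabled" means signature checks on boot components are not being enforced, even on hardware that supports Secure Boot.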