Bootkitty: yes, the first UEFI bootkit for Linux

In the last decade, a new class of infections has been threatening Windows users. By infecting the firmware, the malware (a bootkit) runs before the operating system is loaded.

These UEFI bootkits continue to run even after the hard drive is replaced or formatted.

Now, the same type of malware has been found circulating online for Linux machines. Researchers from the security company ESET said on Wednesday that Bootkitty, the name given to it by the unknown bootkit developers, was uploaded to VirusTotal earlier this month.

Compared to its Windows cousins, Bootkitty is still relatively rudimentary, with flaws in its core functionality and without the means to infect Linux distributions other than Ubuntu. This led the company's researchers to suspect that the new bootkit is possibly a proof-of-concept version. To date, ESET has not found any real infections.

However, Bootkitty shows that malicious actors are reportedly actively developing a Linux version of the unkillable bootkit that previously targeted only Windows systems.

"Whether a proof-of-concept or not, Bootkitty marks an interesting move in the UEFI threat landscape, breaking the belief that modern UEFI bootkits are Windows-only threats," ESET researchers said.

"While the current release from VirusTotal does not currently pose a real threat to the majority of Linux systems, it does highlight the need to prepare for potential future threats."

As ESET reports, the discovery is significant because it shows that someone is pouring resources and significant expertise into creating working UEFI bootkits for Linux.

Written by giorgos
