“Whether a proof of concept or not, Bootkitty marks an interesting move forward in the UEFI threat landscape, breaking the belief about modern UEFI bootkits being Windows-exclusive threats,” ESET researchers wrote. “Even though the current version from VirusTotal does not, at the moment, represent a real threat to the majority of Linux systems, it emphasizes the necessity of being prepared for potential future threats.”

  • @progandy@feddit.org
    link
    fedilink
    English
    143 days ago

    This bootkit is not unkillable yet. If the diagram is correct, then it installs itself on the EFI partition and not the EFI Firmware.