Bootkitty: Unveiling the First UEFI Bootkit Threat to Linux

TL;DR Summary
ESET researchers have discovered Bootkitty, the first UEFI bootkit targeting Linux systems, specifically some Ubuntu versions. This bootkit, likely a proof of concept, aims to disable kernel signature verification and preload unknown ELF binaries during the Linux init process. Bootkitty is signed with a self-signed certificate, making it ineffective on systems with UEFI Secure Boot enabled unless the attacker's certificates are installed. The discovery highlights the expanding threat landscape of UEFI bootkits beyond Windows systems. Researchers emphasize the importance of keeping UEFI Secure Boot enabled and systems updated to mitigate such threats.
- Bootkitty: Analyzing the first UEFI bootkit for Linux (We Live Security)
- Researchers Discover "Bootkitty" – First UEFI Bootkit Targeting Linux Kernels (The Hacker News)
- Researchers discover first UEFI bootkit malware for Linux (BleepingComputer)
- First-ever UEFI bootkit for Linux in the works, experts say (The Register)
- Found in the wild: The world’s first unkillable UEFI bootkit for Linux (Ars Technica)