Bootkitty: First UEFI Bootkit Malware Targets Linux Systems

TL;DR Summary
A new exploit, dubbed LogoFAIL, allows attackers to bypass Secure Boot protections on certain Linux machines by injecting malicious code into a bitmap image during the boot process. This code installs a cryptographic key that tricks the UEFI into treating a backdoored GRUB and Linux kernel as trusted, effectively creating a bootkit. The exploit targets devices with Insyde UEFI firmware, affecting models from Acer, HP, Fujitsu, and Lenovo. Insyde has released a patch, but unpatched devices remain vulnerable.
- Code found online exploits LogoFAIL to install Bootkitty Linux backdoor (Ars Technica)
- Researchers Discover "Bootkitty" – First UEFI Bootkit Targeting Linux Kernels (The Hacker News)
- Researchers discover first UEFI bootkit malware for Linux (BleepingComputer)
- Bootkitty: Analyzing the first UEFI bootkit for Linux (We Live Security)
- The first UEFI bootkit malware for Linux has been detected, so users beware (TechRadar)