Chinese PC motherboards have huge security hole

@ 2022/07/29
ASUS and Gigabyte motherboards hit with rootkit

Chinese-speaking hackers are using malware dating from 2016, injected into firmware images for ASUS and Gigabyte motherboards, to take over PCs.

Kaspersky has named the threat CosmicStrand, but an earlier variant was discovered by malware analysts at Qihoo360, who named it Spy Shadow Trojan.

It is unclear how the threat actor managed to inject the rootkit into the firmware images of the target machines, but researchers found the malware on machines with ASUS and Gigabyte motherboards.

The Unified Extensible Firmware Interface (UEFI) is the software that connects a computer’s operating system with the firmware of the underlying hardware. UEFI code is the first to run during a computer’s boot sequence, ahead of the operating system and any security solutions.

Kaspersky said that the infected UEFI component deploys a kernel-level implant into a Windows system at every boot.
