UEFI Rootkit "Lojax"



jglen490

Well-Known Member
Joined
Mar 10, 2020
Messages
736
Reaction score
505
Credits
4,106
Yes. Where did the quote come from?
 
OP
sp331yi

sp331yi

Well-Known Member
Joined
Apr 11, 2020
Messages
725
Reaction score
328
Credits
4,614
just click on quote/link -- thehackernews
 

jglen490

I never click on unknown links :D

You know, security stuff and everything ...
 
OP
sp331yi

Never?
LOL!
 

Condobloke

Well-Known Member
Joined
Apr 30, 2017
Messages
5,147
Reaction score
4,319
Credits
30,310
Update, 9 October 2018: The remediation section of the white paper contained inaccurate information. Secure Boot doesn’t protect against the UEFI rootkit described in this research. We advise that you keep your UEFI firmware up-to-date and, if possible, have a processor with a hardware root of trust as is the case with Intel processors supporting Intel Boot Guard (from the Haswell family of Intel processors onwards).

(welivesecurity is a current activity of ESET RESEARCH)
 
OP
sp331yi

@Condobloke & @jglen490

Does not affect me, personally. Was just passing it on for the benefit of affected LO Members.
 

jglen490

Doesn't affect me either, just wondering. Black Hat had some info on that, too. LoJack was the Lenovo theft protection "feature", and that went sideways, but nothing I can see on that subject since about 2017, or so.
 

Condobloke

Methinks if the rotten thing had any 'legs' at all, it would be spread worldwide by now.

The fact that it is not is a fair indication that it has either died a natural death or has been shoved into the background by updates via all OS's registry systems/BIOS etc etc etc
 

jglen490

Firmware is software. When it is broken or attacked, it can be repaired. So, yes, it has likely been overcome by now. There will likely be others, but for now ... move on to other subjects :)
 

Condobloke

Amen. ;)
 

Vrai

Well-Known Member
Joined
Mar 16, 2019
Messages
1,060
Reaction score
999
Credits
4,055
As a Linux user I find it easiest to just not run any anti-virus, anti-malware, or anti-rootkit programs.
What I don't know can't worry me and make me lose sleep! o_O

(Not really)
 