![]() This approach doesn’t seem to be widespread – yet, but it’s not inconceivable that we’ll eventually encounter a ransomware strain using this to, ahem, earn a bit of extra cash on the side. MoonBounce is Microsoft-tailored, and able to hook into a chain of components starting from the UEFI’s DXE environment, through the Windows Loader, and finishing as a part of svchost.exe, a process we all know and love. ![]() In fact, so-called MoonBounce never really touches the disk at all, being careful to only store itself in RAM, oh, and the SPI flash that stores the BIOS code, of course. It doesn’t matter if you shred the HDD and replace it with a new one. In an arguably inevitable development, researchers have found an active piece of malware, out in the wild, that would persist itself by writing its bootstrap code into the BIOS chip. The new developments in malware world will also require you to have a CH341 programmer handy. ![]() When facing a malware situation, the usual “guaranteed solution” is to reinstall your OS. ![]()
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |