Trickbot trojan found to now have the ability to modify a computer's UEFI
Posted on 12/04/2020 8:35:07 AM PST by BenLurkin
A combined team of security experts from Advanced Intelligence and Eclypsium has announced that the Trickbot trojan malware now has the ability to modify a computer's Unified Extensible Firmware Interface—the interface between the firmware on a computer motherboard and the computer's operating system—in this case, Microsoft Windows.
Trickbot has been in the news of late due to its advanced capabilities. It has a modular design and is notable for its ability to gain administrative capabilities on infected computers. The entities behind the creation of the trojan are believed to be criminals in Russia and North Korea, and they have used it to target telecoms, health care firms, education institutions and even infrastructure operators (quite often in the form of ransomware).
When a computer boots up, the UEFI and firmware work together to bring up the operating system—if nefarious code has been embedded in the firmware, it can load its own software modules or even modify the operating system as it loads. Such modules would then go undetected by conventional antivirus software and would not be overcome, even if the hard drive were wiped clean or replaced altogether.
(Excerpt) Read more at techxplore.com ...
The internet will be great they said...
“The internet will be great they said...”
And they were right!
Masks prevent viruses. Won’t masks prevent trojans, too?
We’ll get to the point where we’re using one-time-use disposable computers...
“And they were right!”
Not so much. We have a nation of morons, largely due to the internet. And for people who use it, there are always some bad actors out there letting this stuff go.
In a fair and just world, guys in black suits would track down and visit these bad actors, and the bad guys would just go away.
But hey, on the bright side, there are LOTS of cool cat videos.
“We’ll get to the point where we’re using one-time-use disposable computers...”
Razor blades went there but now I get almost a month per cartridge.
I knew way back when they switched to update-able ROM for the OS this would happen.
I’m just surprised it took so long...
“Not so much. We have a nation of morons, largely due to the internet.”
No. We are just exposed to more moron due to the internet.
It’s that whole “Unified” thing.
Obscurity is security.
Read up on Trickbot. It puts bad dll files onto the computer.
Now what operating system uses dll files?
“No. We are just exposed to more moron due to the internet.”
And the morons have a platform. And they validate each other, and spread their stupidity.
This "TrickBot" sounds even more egregious than what the turd in Malmo did to my new Windows machine.
I believe so. These days, when you want to solve a problem, you send a request to a server cloud via Internet and get the answer from them. Your brain is getting lazy.
When the connection to Internet is cut off, they can't do anything because their real brain is essentially a giant server cloud connected via Internet.
The evil OS whose initials are MS.
I use Linux a lot more for internet stuff.
It's really tough to wake up the social contract folks to the fact that we create our own foreign enemies to fight with and our own domestic criminals to punish. Sometimes they get hostile if you try.
But what if we do a Star Trek NG and “modulate the frequencies” while “reversing the polarity”?