Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.
BlackLotus Bookit Found Targeting Windows 11
Sold for around $5,000 in hacking forums, the BlackLotus UEFI bootkit is capable of targeting even updated systems, researchers find.
1 Min Read
Source: View Stock via Alamy Stock Photo
BlackLotus UEFI bootkits are deployed to take over the boot process of operating systems: bypassing security measures and deploying their malicious payloads.
Now, researchers with ESET are raising the alarm that even completely updated Windows 11 systems with UEFI Secure Boot enabled are vulnerable to BlackLotus attacks. Worryingly, the new bootkit, first discovered in October 2022, is readily available for as little as $5,000 on hacking forums.
"It was just a matter of time before someone would take advantage of these failures and create a UEFI bootkit capable of operating on systems with UEFI Secure Boot enabled," ESET explained in the report. "As we suggested last year in our RSA presentation, all of this makes the move to the ESP more feasible for attackers and a possible way forward for UEFI threats — the existence of BlackLotus confirms this."
About the Author
You May Also Like
More Insights
