Cyber Security News

Security experts discovered the second ever bootkit for UEFI – MosaicRegressor

Cyber security experts have discovered only the second known bootkit for the Unified Extensible Firmware Interface (UEFI).

Security experts have found real-world malware that hides in the low-level, rarely inspected firmware required to boot almost every modern computer. Researchers at Kaspersky Lab revealed the discovery of a spy campaign built on a complex modular framework, MosaicRegressor, which among other things included only the second known malicious bootkit for UEFI (Unified Extensible Firmware Interface).

UEFI (Unified Extensible Firmware Interface) is an operating system in its own right. It lives in a flash storage chip soldered onto the computer's motherboard, which makes it difficult to monitor or patch.

That makes it one of the best places to hide malware, and that is exactly what the attackers did, according to new research by security researchers. Three of the four added modules were lifted directly from stolen source code that a hacking group had sold to governments including Saudi Arabia, Russia and Egypt.

The researchers believe that the group that planted the malicious firmware had substantial access. The worst part is that the attackers could take control of an infected computer in just a few minutes, or configure it to boot from a USB device and make it behave however they wanted.

The victims were all either diplomatic institutions or members of non-governmental organizations from Africa, Asia and Europe, and all had ties in their activity to North Korea. The evidence indicates that the attacks were carried out by a Chinese-speaking actor operating under the Chinese state intelligence apparatus.

More interesting still, while researching the MosaicRegressor infrastructure the researchers found that all the elements of this bootkit are based on Vector-EDK code. This is a purpose-built constructor developed by a group of cyber criminals which, among other things, contained instructions for creating a module for flashing UEFI (Unified Extensible Firmware Interface). Let me remind you once again that in 2015 this and other tools from the group were leaked into the public domain, which quietly allowed cyber criminals to generate their own software with minimal effort: they only had to augment the source code with a malicious component.

"Undoubtedly, there are several techniques of UEFI (Unified Extensible Firmware Interface) infection: if the chip is not properly protected, then, using legitimate utilities or even a custom program to update UEFI, cyber criminals can easily run any malicious version of the firmware. There is generally also another trick involving physical access to the equipment," adds Igor Kuznetsov. "We are dealing with a powerful, sophisticated tool for hackers; not every attacker can do this. However, with ready-made working examples available, there is undoubtedly a high risk of this technology being reused, especially since anyone can still download the instructions for it. This phenomenon shows that attacker groups are becoming more and more creative and are constantly improving their techniques and tricks."
