Security researchers say they've stumbled upon the first-ever UEFI bootkit targeting Linux, illustrating a key moment in the evolution of such tools.

First-ever UEFI bootkit for Linux in the works, experts say

submitted by
Style Pass
2024-11-27 16:30:16

Dubbed "Bootkitty" by Slovak security shop ESET, the first sample of the bootkit was detected on malware encyclopedia VirusTotal earlier this month.

The researchers, Martin Smolár and Peter Strýček, say it appears to only target a limited number of Ubuntu releases and there are signs it's only a proof of concept at the moment. It's not thought to be under active development or in wider use by any sophisticated offensive operators right now.

That said, the finding suggests work is being done to reach a broader set of potential targets, and it dispels the previous thinking that UEFI bootkits are designed for Windows systems only.

ESET was again the source of this discovery in 2023, with Smolár confirming after a year of digging into the $5,000 bootkit that it made good on its adverts and does indeed bypass Windows 11 Secure Boot.
