Reposted by yocvito
#ESETresearch reveals the first Linux UEFI bootkit, Bootkitty. It disables kernel signature verification and preloads two ELFs unknown during our analysis. Also discovered, a possibly related unsigned LKM – both were uploaded to VT early this month. www.welivesecurity.com/en/eset-rese... 🧵
Bootkitty: Analyzing the first UEFI bootkit for Linux
ESET's discovery of the first UEFI bootkit designed for Linux sendss an important message: UEFI bootkits are no longer confined to Windows systems alone.
www.welivesecurity.com
November 27, 2024 at 8:34 AM
#ESETresearch reveals the first Linux UEFI bootkit, Bootkitty. It disables kernel signature verification and preloads two ELFs unknown during our analysis. Also discovered, a possibly related unsigned LKM – both were uploaded to VT early this month. www.welivesecurity.com/en/eset-rese... 🧵
Reposted by yocvito
Supply chain malware from an infected game mod 🤯😱 Long-form reverse engineering and a WILD ride: Binary Ninja, x64dbg, 010 Editor, PEB walking, reworking API function hashing in Python, DLL search-order hijacking, hooked functions & more. MASSIVE video: jh.live/bvyklJ5Wie0
November 14, 2024 at 2:00 PM
Supply chain malware from an infected game mod 🤯😱 Long-form reverse engineering and a WILD ride: Binary Ninja, x64dbg, 010 Editor, PEB walking, reworking API function hashing in Python, DLL search-order hijacking, hooked functions & more. MASSIVE video: jh.live/bvyklJ5Wie0