BlackLotus Bookit Found Targeting Windows 11BlackLotus Bookit Found Targeting Windows 11
Sold for around $5,000 in hacking forums, the BlackLotus UEFI bootkit is capable of targeting even updated systems, researchers find.
March 2, 2023
BlackLotus UEFI bootkits are deployed to take over the boot process of operating systems: bypassing security measures and deploying their malicious payloads.
Now, researchers with ESET are raising the alarm that even completely updated Windows 11 systems with UEFI Secure Boot enabled are vulnerable to BlackLotus attacks. Worryingly, the new bootkit, first discovered in October 2022, is readily available for as little as $5,000 on hacking forums.
"It was just a matter of time before someone would take advantage of these failures and create a UEFI bootkit capable of operating on systems with UEFI Secure Boot enabled," ESET explained in the report. "As we suggested last year in our RSA presentation, all of this makes the move to the ESP more feasible for attackers and a possible way forward for UEFI threats — the existence of BlackLotus confirms this."
About the Author(s)
Hacking Your Digital Identity: How Cybercriminals Can and Will Get Around Your Authentication MethodsOct 26, 2023
Modern Supply Chain Security: Integrated, Interconnected, and Context-DrivenNov 06, 2023
How to Combat the Latest Cloud Security ThreatsNov 06, 2023
Reducing Cyber Risk in Enterprise Email Systems: It's Not Just Spam and PhishingNov 01, 2023
SecOps & DevSecOps in the CloudNov 06, 2023
9 Traits You Need to Succeed as a Cybersecurity Leader
The Ultimate Guide to the CISSP
Get the Gartner Report: SOC Model Guide
The Evolving Ransomware Threat: What Business Leaders Should Know About Data Leakage
Building Immunity: The 2021 Healthcare and Pharmaceutical Industry Cyber Threat Landscape Report