SedNit, CCC, Kaspersky and ESET

Re: https://firmwaresecurity.com/2018/09/27/apt28-malware-lojax-uses-uefi-rootkit/ and https://firmwaresecurity.com/2018/08/05/bluehat-v18-first-strontium-uefi-rootkit-unveiled/

Sednit UEFI malware is back in the news: because of the recent CCC video, some are hearing about it for the first time, and because Kaspersky Lab is tweeting about it, some people are confused into thinking the news came from Kaspersky instead of ESET. Instead, I wish Kaspersky’s GReAT team would give some new news about their UEFI research, as hinted by an upcoming BlueHat Israel talk:

[..]For the past year, Kaspersky’s Global Research and Analysis Team (GReAT) extracted and processed thousands of UEFI dumps, applying anomaly analysis and code similarity techniques in order to find the “things that lurk in the shadows”[…]

https://firmwaresecurity.com/2019/01/01/costin-raiu-kaspersky-lab-the-things-that-lurk-in-the-shadows/

 
