Showing posts with label Rootkit. Show all posts
Showing posts with label Rootkit. Show all posts

Friday, September 28, 2012

Windows 8 Rootkit Discovered in the Wild

That Was Quick

Italian security consultants ITSEC discovered the security hole following an analysis of the Unified Extensible Firmware Interface (UEFI), a successor to the legacy BIOS firmware interface, that Microsoft began fully supporting with 64-bit versions of Windows 7.

Tip of the Hat to The Register, linked above. 

[EDIT: The article specifies the payload as a "bootkit". This was deliberately omitted on my part. The word "bootkit" strikes me as part of that trend to modify prefixes of words to make them ludicrously specific, like how Watergate became EverythingUnderTheSun-Gate. Its a cheap way to feign familiarity through reference. Is there a relevant disharmony between the terms bootloader and rootkit I'm ignoring? If so feel free to shine light on my ignorance via email or in the comments.]

Since we are on the topic of hardware hacking, last week I caught a printer spamming - as in, a printer that was network available that had been compromised by malware and became part of a snowshoe spam run. While I'm sure this is nothing new, I just haven't seen too much of it - the idea of a botnet composed entirely of printers terrifies me every time I think about it. Peripherals are awful.

RAT Bastard

Earlier this week, several servers I maintain were targeted by automated attempts to upload a remote access trojan (RAT). The RAT is a simpl...