Re: UEFI rootkit in the wild detected

<pojhnb$21j$1@def3.retrobbs.com>


https://news.novabbs.org/computers/article-flat.php?id=378&group=rocksolid.shared.security#378

Path: rocksolid2!def3!.POSTED!not-for-mail
From: guest@retrobbs.rocksolidbbs.com (Guest)
Newsgroups: rocksolid.shared.security
Subject: Re: UEFI rootkit in the wild detected
Date: Thu, 27 Sep 2018 17:22:51 -0400
Organization: Dancing elephants
Lines: 19
Message-ID: <pojhnb$21j$1@def3.retrobbs.com>
References: <pojf9d$aa$1@def3.retrobbs.com>
Reply-To: Guest <guest@retrobbs.rocksolidbbs.com>
NNTP-Posting-Host: 10.0.2.2
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8bit
X-Trace: def3.retrobbs.com 1538083371 2099 10.0.2.2 (27 Sep 2018 21:22:51 GMT)
X-Complaints-To: usenet@def3.retrobbs.com
NNTP-Posting-Date: Thu, 27 Sep 2018 21:22:51 +0000 (UTC)
User-Agent: FUDforum 3.0.7
X-FUDforum: e4062714e2d275bd0cc7c3ee636428b0 <3857>
 by: Guest - Thu, 27 Sep 2018 21:22 UTC

UEFI rootkit in the wild detected Thu, 27 September 2018 17:01
Guest
Now this is really cool technology: due to the fact that it is located in the BIOS, it survives a new installation, or
even the exchange of the hard disk.
OK, the technology is not so new, but this is the first time something like this is detected in the wild. Powerful
stuff...
This one is for Windows, but the method should work regardless of the OS, because it simply injects itself in the system
before it starts. Nice...

Didn't know if this should be posted to security or hacking. Aren't they one and the same? It just depends on which
end you look from.

Here is the clearnet link to the whitepaper:

https://www.welivesecurity.com/wp-content/uploads/2018/09/ESET-LoJax.pdf

BUMP
Posted on: def3.i2p
