“Whether a proof of concept or not, Bootkitty marks an interesting move forward in the UEFI threat landscape, breaking the belief about modern UEFI bootkits being Windows-exclusive threats,” ESET researchers wrote. “Even though the current version from VirusTotal does not, at the moment, represent a real threat to the majority of Linux systems, it emphasizes the necessity of being prepared for potential future threats.”

  • progandy
    link
    fedilink
    English
    arrow-up
    14
    ·
    1 month ago

    This bootkit is not unkillable yet. If the diagram is correct, then it installs itself on the EFI partition and not the EFI Firmware.