UEFI Malware was discovered in Gigabyte’s and Asus’ H81 motherboard firmware

Kaspersky, a cybersecurity company, has discovered a new type of malware in motherboard UEFI firmware. This malware is a type of rootkit that persists even after the SSD or host hard drive is replaced or wiped.

Kaspersky engineers named it CosmicStrand (via Bleeping Computer). According to reports, it is an evolution of malware called Spy Shadow Trojan, which was first discovered in 2016. Researchers discovered the CosmicStrand malware within the firmware of Asus and Gigabyte motherboards. But don’t panic! I’ll explain.

Infected computers used motherboards that were based on the H81 chipset. This chipset dates back many decades. A hacker would need access to the system to install the CosmicStrand malware or update the firmware. If you are reading this, please don’t assume that Asus and Gigabyte systems were insecure over the years. Until further research is done, it could be that CosmicStrand cannot exploit an H81 UEFI vulnerability.

The malware creates a series of hooks that allow the Windows kernel to access the malware, eventually leading to the infected OS being able to retrieve a payload that will be executed on the victim’s computer. Although Kaspersky engineers could not recover the payload, they believe the malware’s code patterns are similar to those used by a Chinese group responsible for the MyKings cryptocurrency mining botnet. That’s the primary purpose of it all: scumbags who steal or try to make money.

The UEFI (Unified Extensible Firmware Interface) is almost like a mini-OS. It acts as an interface between hardware and software, influencing all software. The UEFI is generally secure, and tampering with it requires specialized coding knowledge. Very few threats to the UEFI are known.

Kaspersky’s report says that “the multiple rootkits found so far indicate a blind spot within our industry that must be addressed sooner than later.”

Although the threat is minor, it highlights the need for industry professionals to be aware of possible vulnerabilities. A malicious actor could be lured by the promise of millions of infected machines mining crypto coins.
