Bootkitty, a recently discovered boot-level UEFI rootkit for Linux, was evidently created by students taking part in a cybersecurity training program at the South Korean Information Technology Research Institute (KITRI).
The bootkit, discovered and analyzed by researchers from antivirus vendor ESET last week, showed signs of being a proof of concept rather than production-ready malware. Nonetheless, the prototype, which ESET described as the first-ever UEFI bootkit for Linux, could be used as inspiration for attackers who until now have developed UEFI bootkits only for Windows, at least as far as it’s publicly known.
“We believe this bootkit is merely an initial proof of concept, and based on our telemetry, it has not been deployed in the wild,” the ESET researchers wrote in their original report. “That said, its existence underscores an important message: UEFI bootkits are no longer confined to Windows systems alone.”