For folks who aren't aware or simply don't remember: back in the late 2000s and early 2010s, a lot of PC vendors started leveraging UEFI to add special features to their machines, particularly laptops. A lot of these "features" were hideous hackjobs that presented more of a security threat than a value-add. I'm certain there are all sorts of vendor-specific UEFI vulns to be discovered thanks to those machines.
HP, for example, had a standalone UEFI app that provided a simple interface into Outlook that only took a couple seconds to boot. They also had a program that embedded itself into their laptops' SMM that showed your Outlook calendar while Windows was booting.
From the article: "To date, ESET has found no evidence of actual infections in the wild." It was uploaded to some service though.
Original article, with the technical analysis of the bootkit:
https://www.welivesecurity.com/en/eset-research/bootkitty-an...
I could swear I've seen EFI bootkits for Linux a decade ago.
Seems to be a dup:
https://news.ycombinator.com/item?id=42262525