Hello Bootkitty! Linux Gets A UEFI Bootkit

Source: The Register

Worst Crossover Episode Ever

It makes sense that UEFI bootkits would work on Linux machines; at that level, your operating system doesn’t matter to your motherboard.  What has been delaying hackers is the infection vector itself, as Linux offers more of a challenge than Windows systems for a variety of reasons.  Unfortunately the grace period is now over, with security specialists at ESET detecting a bootkit on VirusTotal.  They called it Bootkitty, and somewhere it is making a Linux administrator miserable.

Bootkitty is not very capable yet: it only works on a handful of Ubuntu versions, it is unable to get around Secure Boot, and it is just as likely to crash an infected system during boot as it is to successfully launch and gather data from an infected machine.  That is unlikely to remain the case as more nefarious people work to find ways to infect Linux machines, but for now let’s hope it takes them a long time!

You can find more details at The Register.

Bootkitty, however, is not that advanced just yet. It isn't able to run on Linux systems with Secure Boot enabled. The bootkit is a self-signed certificate so in order to run on Secure Boot-protected systems, the system would already have to have the attackers' certificates installed.
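The Secure Boot dependency described above can be checked on a host. The following is an added example, not code from ESET, The Register or this post: it reads the firmware's SecureBoot and SetupMode variables and shim's MokSBStateRT variable from efivarfs and reports the states in which a self-signed boot component would not be blocked. The sample byte strings are constructed.

```python
import struct
from pathlib import Path

EFIVARS = Path("/sys/firmware/efi/efivars")
GLOBAL = "8be4df61-93ca-11d2-aa0d-00e098032b8c"  # EFI global variable GUID
SHIM = "605dab50-e046-4300-abb6-3dd810dd8b23"    # shim lock GUID
WANTED = (("SecureBoot", GLOBAL), ("SetupMode", GLOBAL), ("MokSBStateRT", SHIM))

def efivar_value(raw):
    """efivarfs files hold a 4-byte little-endian attribute word, then the data."""
    if raw is None or len(raw) < 5:
        return None
    return raw[4]

def assess(variables):
    """variables maps a variable name to its raw efivarfs bytes. Returns (ok, findings)."""
    findings = []
    if efivar_value(variables.get("SecureBoot")) != 1:
        findings.append("Secure Boot is not enforcing (or its state could not be read): "
                        "self-signed boot code is not blocked")
    if efivar_value(variables.get("SetupMode")) == 1:
        findings.append("firmware is in Setup Mode: keys can be enrolled without authentication")
    if efivar_value(variables.get("MokSBStateRT")) == 1:
        findings.append("shim validation is disabled: shim does not verify what it loads")
    return (not findings, findings)

def read_live():
    """Collect the variables from the running system; missing ones are skipped."""
    out = {}
    for name, guid in WANTED:
        try:
            out[name] = (EFIVARS / f"{name}-{guid}").read_bytes()
        except OSError:
            pass  # legacy BIOS boot, variable absent, or no read permission
    return out

def _var(value, attrs=0x06):
    """Build a constructed efivarfs payload: attributes (BS|RT) plus a one-byte value."""
    return struct.pack("<I", attrs) + bytes([value])

# Constructed samples, not captured from a real machine.
SAMPLE_ENFORCING = {"SecureBoot": _var(1), "SetupMode": _var(0)}
SAMPLE_SHIM_OFF = {"SecureBoot": _var(1), "SetupMode": _var(0), "MokSBStateRT": _var(1)}

if __name__ == "__main__":
    ok, findings = assess(read_live())
    print("OK: Secure Boot chain is enforcing" if ok else "\n".join(findings))
```

Even when this reports an enforcing state, the enrolled keys still need review (for example with `mokutil --list-enrolled`), since a certificate the attacker managed to enroll would be trusted.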


About The Author

Jeremy Hellstrom

Call it K7M.com, AMDMB.com, or PC Perspective, Jeremy has been hanging out and then working with the gang here for years. Apart from the front page you might find him on the BOINC Forums or possibly the Fraggin' Frogs if he has the time.
