Hello Bootkitty! Linux Gets A UEFI Bootkit
Worst Crossover Episode Ever
It makes sense that UEFI bootkits would work on Linux machines; at that level your operating system doesn’t matter to your motherboard. What has been delaying hackers is the infection vector itself, as Linux offers more of a challenge than Windows for a variety of reasons. Unfortunately the grace period is now over, with security specialists at ESET spotting a Linux bootkit uploaded to VirusTotal. They called it Bootkitty, and somewhere it is making a Linux administrator miserable.
Bootkitty is not very capable yet: it only works on a handful of Ubuntu versions, it is unable to get around Secure Boot, and it is just as likely to crash an infected system during boot as it is to successfully launch and gather data from it. That is unlikely to remain the case as more nefarious people work on ways to infect Linux machines, but for now let's hope it takes them a long time!
Bootkitty, however, is not that advanced just yet. It isn't able to run on Linux systems with Secure Boot enabled: the bootkit is signed with a self-signed certificate, so for it to run on a Secure Boot-protected system the attackers' certificate would already have to be enrolled in the firmware's trusted signature database.
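As an added example (not code from the article or from ESET's write-up), here is a POSIX shell triage script an Ubuntu administrator could run to check the two conditions the paragraph above describes: whether Secure Boot is actually being enforced, and whether the installed GRUB image is signed by a self-signed certificate (subject equal to issuer) rather than by a distribution key. The efivarfs path, the `/boot/efi/EFI/ubuntu/grubx64.efi` location and the `sbverify --list` line layout it parses are assumptions; `sbverify` comes from the `sbsigntool` package, and reading the ESP and EFI variables needs root.

```shell
#!/bin/sh
# Added example, not from the original article or ESET's report.
# Two quick checks against the limitations described for Bootkitty:
#   1. Is Secure Boot enforced?  Under efivarfs the SecureBoot variable is a
#      file holding a 4-byte attribute header followed by one data byte
#      (1 = enabled, 0 = disabled).
#   2. Is the boot loader signed by a self-signed certificate?  We parse the
#      output of `sbverify --list <image>` (sbsigntool) and compare each
#      "subject:" line with the "issuer:" line that follows it.  That line
#      layout is an assumption about current sbsigntool output.

SB_VAR_DEFAULT=/sys/firmware/efi/efivars/SecureBoot-8be4df61-93ca-11d2-aa0d-00e098032b8c
GRUB_DEFAULT=/boot/efi/EFI/ubuntu/grubx64.efi   # assumed path on an Ubuntu install

# Return 0 if Secure Boot is enabled, 1 if disabled, 2 if the variable cannot be
# read (legacy BIOS boot, efivarfs not mounted, or not running as root).
secure_boot_enabled() {
    sb_var="${1:-$SB_VAR_DEFAULT}"
    [ -r "$sb_var" ] || return 2
    sb_state=$(od -An -tu1 -j4 -N1 "$sb_var" | tr -d ' ')
    [ "$sb_state" = "1" ]
}

# Read sbverify --list output on stdin; print each self-signed signer and
# return 0 if at least one was found, 1 otherwise.  A distribution-signed GRUB
# has subject != issuer (a signing key issued by the vendor's CA).
self_signed_signers() {
    awk '
        /subject:/ { sub(/.*subject:[ \t]*/, ""); subj = $0 }
        /issuer:/  { sub(/.*issuer:[ \t]*/,  ""); if ($0 == subj) { print subj; found++ } }
        END { exit (found ? 0 : 1) }
    '
}

# Human-readable triage.  Returns non-zero when the host is in a state where a
# self-signed bootkit like the one described could execute.
triage() {
    image="${1:-$GRUB_DEFAULT}"
    rc=0
    secure_boot_enabled && sb=0 || sb=$?
    case $sb in
        0) echo "Secure Boot: enabled (a self-signed bootkit cannot run unless its cert is enrolled)" ;;
        1) echo "Secure Boot: DISABLED - a self-signed bootkit could execute"; rc=1 ;;
        *) echo "Secure Boot: unknown (EFI variable not readable; run as root on a UEFI system)"; rc=1 ;;
    esac
    if command -v sbverify >/dev/null 2>&1 && [ -r "$image" ]; then
        if sbverify --list "$image" 2>/dev/null | self_signed_signers; then
            echo "Signer: SELF-SIGNED certificate on $image - compare with the shim/GRUB your distro ships"
            rc=1
        else
            echo "Signer: no self-signed signer on $image (confirm its issuer is in db: mokutil --db)"
        fi
    else
        echo "Signer check skipped: install sbsigntool and run as root to inspect $image"
    fi
    return $rc
}

# Run the triage when executed directly; the verdict is the last line printed.
triage "$@" || echo "VERDICT: a Bootkitty-style self-signed bootkit could run on this host"
```

On a healthy Ubuntu machine the expected result is "Secure Boot: enabled" and a GRUB signer whose issuer is Canonical's CA rather than itself; anything else is worth a closer look at the ESP contents against the packaged copies.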