New UEFI rootkit discovered: CosmicStrand
Kaspersky experts have discovered a new example of a UEFI rootkit: CosmicStrand. At the moment, the CosmicStrand kit only targets private individuals and not companies. But that changes is only a matter of time. Kaspersky experts have discovered a rootkit developed by an Advanced Persistent Threat (APT) actor that remains on the victim's computer even after the operating system is restarted or Windows is reinstalled. The UEFI firmware rootkit 'CosmicStrand' has so far mainly been used for attacks on private individuals in China, some victims are also located in Vietnam, Iran...