MoonBounce: Firmware bootkit more elusive and persistent
Kaspersky have discovered the third case of a UEFI firmware bootkit “in the wild”. The MoonBounce bootkit is more elusive and persistent than its predecessors. The campaign is credited to well-known Chinese-speaking Advanced Persistent Threat (APT) actor APT41. Kaspersky security researchers have discovered another firmware bootkit. The malicious implant, dubbed 'MoonBounce', is hidden in computers' Unified Extensible Firmware Interface (UEFI) firmware – an essential part of computers. This is located in the SPI Flash, a memory component outside of the hard disk. Such implants are notoriously difficult to remove and have limited visibility for security products. UEFI Firmware Bootkit…