Skip to main content
  1. Home
  2. Computing
  3. News

‘LoJax’ rootkit malware can infect UEFI, a core computer interface

By
Hacker with Computer
Bill Hinton/Getty Images

Modern computers utilize what is known as a Unified Extensible Firmware Interface (UEFI) to get up and running. When you press the power button on your Mac or PC, the UEFI begins communicating with your computer’s hardware and your operating system of choice, whether that be MacOS, Windows, or Linux. However, in a terrifying turn of events, ESET researchers have discovered a malicious piece of software, a rootkit, that burrows into your UEFI and is nearly impossible to get rid of, even when detected.

Rootkits are malicious bits of computer software that can infect a user’s machine and gain access to areas that are typically off-limits, such a private user data or protected system files. While the concept of rootkits taking advantage of a computer’s UEFI isn’t new, this is the first time that a sample has been detected in the wild.

Recommended Videos

The UEFI rootkit, code-named LoJax, takes advantage of a legitimate software designed by the Canadian company, Absolute Software. The security company offers an anti-theft solution for computers known as LoJack, which can assist victims in locating their stolen property. One of LoJack’s most exceptional features is its ability to stay present on a machine when the operating system is reinstalled, and the now malicious LoJax variation has taken keen advantage of that function.

Related

LoJax has been shown to be the child of cyber espionage and hacking group Fancy Bear. Typically acknowledged as a product of the Russian military intelligence agency, GRU, the group has been behind many prominent attacks including those in the German parliament, the White House, NATO, the Democratic National Committee, and the International Olympic Committee.

What makes a UEFI rootkit particularly dangerous when compared to a standard rootkit is its ability to survive. Not only can LoJax gain access to restricted files on a user’s machine, but it can withstand the digital equivalent of a complete holocaust. Due to the way in which the rootkit attaches to a machine’s SPI flash memory, the chip in which a computer’s UEFI is kept, wiping your internal drive, or even completely replacing it, won’t get rid of it.

The LoJax rootkit can only be removed from a system by either reprogramming the SPI flash memory, a very delicate and complex operation, or by completely swapping out the motherboard. Individuals can help to keep themselves safe against the attack by ensuring that their machines have Secure Boot enabled; this prevents unauthorized firmware on your UEFI from booting your computer.

Editors' Recommendations

Topics
Michael Archambault
Michael Archambault
Former Digital Trends Contributor
Michael Archambault is a technology writer and digital marketer located in Long Island, New York. For the past decade…
What to do if your Intel CPU keeps crashing
Pins on Core i9-12900K.

Despite being among the best processors you can buy, some high-end Intel CPUs have faced a wave of instability over the past few months. Intel is investigating the problem, but the company and its motherboard partners have already worked toward some temporary fixes to improve stability on high-end Intel CPUs -- even if it comes at a performance cost.

Before getting into the fixes, keep in mind that they are temporary. Intel will release a statement on the instability soon, likely with more direct guidance on what affected users should do. In addition, the scope of the problem isn't clear -- if you're not experiencing issues, you shouldn't have anything to worry about.
Who's affected

Read more
HP Envy deals: HP’s most popular laptop starts at $630
An HP Envy 17-inch laptop sits on an office desk.

HP is one of the best laptop brands in the laptop space, with a huge selection of laptops to pick from, including some of the best laptops on the market. More specifically, though, the HP lineup is probably at the top when it comes to versatile and relatively well-valued laptops. While there are quite a few variations and configurations of the HP Envy, we've gone ahead and put together the ones that we think will give you the most bang for your buck. That said, if you haven't found something you're specifically looking for, be sure to check out some of these other great laptop deals as well.
HP Envy x360 2-in-1 laptop 15Z-FH000 — $650, was $900

The HP Envy x360 convertible laptop is a great option for just about anyone, particularly anyone who enjoys the touchscreen functionality of a tablet. It’s well designed and super slim, making it a truly go-anywhere device. Despite its portability, it still has an immersive 15.6-inch touchscreen that’s great for creators, note-takers, and binge watchers. Top notch build quality and durability, fast charging technology, a fingerprint reader, and great battery life round out the top features of the HP Envy x360 convertible touchscreen laptop. It competes well with the best 2-in-1 laptops. Its versatility and all-around capability make it a worthy companion on any desk, and on any lap.

Read more
I use these simple printer tips to save money on ink and toner
Printing is fast and economical with the HP Smart Tank 7602.

The cost of a printer can range from under $100 for some good, low-cost inkjet printers to several hundred for the best color laser printers. However, the price you pay upfront doesn’t include paper, and the included ink and toner only lasts so long.

A bargain printer can end up costing you more overall if the cartridges are small and replacements are expensive. Follow these tips to minimize ink, toner, and paper waste, reducing the ongoing expense of using your printer in the long run.
Print in monochrome
Adobe Acrobat's print settings includes a grayscale option. Digital Trends

Read more