‘LoJax’ rootkit malware can infect UEFI, a core computer interface

Hacker with Computer
Bill Hinton/Getty Images

Modern computers utilize what is known as a Unified Extensible Firmware Interface (UEFI) to get up and running. When you press the power button on your Mac or PC, the UEFI begins communicating with your computer’s hardware and your operating system of choice, whether that be MacOS, Windows, or Linux. However, in a terrifying turn of events, ESET researchers have discovered a malicious piece of software, a rootkit, that burrows into your UEFI and is nearly impossible to get rid of, even when detected.

Rootkits are malicious bits of computer software that can infect a user’s machine and gain access to areas that are typically off-limits, such a private user data or protected system files. While the concept of rootkits taking advantage of a computer’s UEFI isn’t new, this is the first time that a sample has been detected in the wild.

The UEFI rootkit, code-named LoJax, takes advantage of a legitimate software designed by the Canadian company, Absolute Software. The security company offers an anti-theft solution for computers known as LoJack, which can assist victims in locating their stolen property. One of LoJack’s most exceptional features is its ability to stay present on a machine when the operating system is reinstalled, and the now malicious LoJax variation has taken keen advantage of that function.

LoJax has been shown to be the child of cyber espionage and hacking group Fancy Bear. Typically acknowledged as a product of the Russian military intelligence agency, GRU, the group has been behind many prominent attacks including those in the German parliament, the White House, NATO, the Democratic National Committee, and the International Olympic Committee.

What makes a UEFI rootkit particularly dangerous when compared to a standard rootkit is its ability to survive. Not only can LoJax gain access to restricted files on a user’s machine, but it can withstand the digital equivalent of a complete holocaust. Due to the way in which the rootkit attaches to a machine’s SPI flash memory, the chip in which a computer’s UEFI is kept, wiping your internal drive, or even completely replacing it, won’t get rid of it.

The LoJax rootkit can only be removed from a system by either reprogramming the SPI flash memory, a very delicate and complex operation, or by completely swapping out the motherboard. Individuals can help to keep themselves safe against the attack by ensuring that their machines have Secure Boot enabled; this prevents unauthorized firmware on your UEFI from booting your computer.


These are the worst passwords of 2018. Is yours on this list?

Do you use a bad password that makes your online accounts easy to break into? SplashData has compiled a list of the top 100 worst passwords for 2018 and there are quite a few listings that were carryovers from prior lists.

Trash at 'Super Smash Bros. Ultimate'? Use this guide to train up and get good

Super Smash Bros. Ultimate is the biggest game in the entire series, and it can be overwhelming for newcomers not used to the universe-colliding fighting game. Here's what you need to know when you're starting.

Here's why 64-bit (not 32-bit) dominates modern computing

Today's computing world isn't the same as it once was. With 64-bit processors and operating systems replacing the older 32-bit designs, we look at what 32-bit vs. 64-bit really means for you.

Here’s how to install Windows on a Chromebook

If you want to push the functionality of your new Chromebook to another level, and Linux isn't really your deal, you can try installing Windows on a Chromebook. Here's how to do so, just in case you're looking to nab some Windows-only…

The best mirrorless cameras pack all the power of a DSLR, minus the bulk

Mirrorless cameras offer a lot of photography firepower, inside a compact body. Explore the best mirrorless cameras, from the pro-level to the beginner-friendly shooters, in this guide.

Go hands-free in Windows 10 with speech-to-text support

Looking for the dictation, speech-to-text, and voice control options in Windows 10? Here's how to set up Speech Recognition in Windows 10 and use it to go hands-free in a variety of different tasks and applications within Windows.

Microsoft could split up search and Cortana in the next Windows 10 release

In the latest Insider preview build, Microsoft is exploring ways to split up Cortana and search on Windows 10. If Microsoft moves ahead with this change, we could see separate search and Cortana options in the Spring 2019 Update.

Windows Update not working after October 2018 patch? Here’s how to fix it

Windows update not working? It's a more common problem than you might think. Fortunately, there are a few steps you can take to troubleshoot it and in this guide we'll break them down for you step by step.

Mining cryptocurrency for Razer Silver isn’t worth your computing power

Gaming peripheral maker Razer launched a cryptocurrency mining scheme called SoftMiner. You use its software to mine and in return, you get Razer Silver which you can use to buy Razer gear.

Microsoft’s latest patent paves the way for Andromeda dual-screen mobile device

The latest patent discovery from Microsoft showcases a new hinge design for quickly opening a dual-screen mobile device with a single hand. Could this be additional proof surrounding the rumors of the company's Project Andromeda device?

Heal your wrist aches and pains with one of these top ergonomic mice

If you have a growing ache in your wrist, it might be worth considering changing up your mouse for something ergonomic. But which is the best ergonomic mouse for you? One of these could be the ticket to the right purchase for you.

Nvidia’s Jetson AGX Xavier module is designed to give robots better brains

Nvidia's pricey Jetson AGX Xavier might help drive the next generation of smart robots. Nvidia hopes that developers will use its new Xavier module to power AI-driven machines like delivery drones and robots used in manufacturing.

These Windows 10 keyboard shortcuts will update your OG Windows skills

Windows 10 has many new features, and they come flanked with useful new keyboard shortcuts. Check out some of the new Windows 10 keyboard shortcuts to improve your user experience and save more time!

Leaked AMD Ryzen 3000 mobile benchmarks look fit for thin, low-power laptops

AMD is poised to give Intel a run for its money in the ultra-low-power processor space for laptops. Leaked benchmarks for the Ryzen 3000 APU series show the AMD processor besting Intel's Core i7 Y series in multicore performance.