Sunday 28 October 2018, Security guide

LoJax virus – even formatting the drive will not help

Lost24

Internet security experts from ESET have discovered a dangerous virus, LoJax, which threatens the devices of residents of central and eastern Europe, including Poland. The threat is dangerous because it nests in the integrated circuit on the computer's motherboard where UEFI, the successor of BIOS, is located.

The virus is difficult to remove, since even formatting the disk will not help. As the researchers from ESET explain, after taking control of the operating system, LoJax writes malicious code into UEFI, the system that controls the operation of the computer. That code is responsible for activating a Trojan horse in the victim's operating system. Next, the device communicates with the C&C server, then downloads and installs the target threat in the system.

The Sednit cybercriminal group is behind the attack. The group specializes in, among other things, attacks on diplomatic posts and financial institutions.

If a computer has been infected with LoJax, the only solution available to the victim is reflashing the firmware, which means restoring UEFI to the factory settings.