From zdnet.com
![](https://www.zdnet.com/a/img/resize/a5423c1a8b673ba79d137e9d683b3b9bcc81fb6a/2021/06/29/1b445116-bb3a-42ac-a646-e43829d1a46d/extracting-water-from-the-moon.jpg?width=770&height=578&fit=crop&auto=webp)
Security researchers have unveiled MoonBounce, a custom UEFI firmware implant used in targeted attacks.
The implant is believed to be the work of APT41, a Chinese-speaking sophisticated hacking group also known as Winnti or Double Dragon.
On January 20, Kaspersky researchers said that at the end of last year, the team uncovered a case of Unified Extensible Firmware Interface (UEFI) compromise caused by the modification of one component in the firmware – a core element called SPI flash, located on the motherboard.