CosmicStrand UEFI malware found in Gigabyte, ASUS motherboards


CosmicStrand UEFI malware targets Gigabyte, ASUS motherboards

hinese-speaking hackers have been using since at least 2016 malware that lies virtually undetected in the firmware images for some motherboards, one of the most persistent threats commonly known as a UEFI rootkit.

Researchers at cybersecurity company Kaspersky called it CosmicStrand but an earlier variant of the threat was discovered by malware analysts at Qihoo360, who named it Spy Shadow Trojan.

It is unclear how the threat actor managed to inject the rootkit into the firmware images of the target machines but researchers found the malware on machines with ASUS and Gigabyte motherboards.

Read more…