MoonBounce Malware Hides In Your BIOS Chip, Persists After Drive Formats


Kaspersky Labs discovers MoonBounce

A new type of malware takes a decidedly more stealthy and hard-to-remove path into your OS — it hides in your BIOS chip and thus remains even after you reinstall your OS or format your hard drive.

Kaspersky has observed the growth of Unified Extensible Firmware Interface (UEFI) firmware malware threats since 2019, with most storing malware on the EFI System Partition of the PC’s storage device. However, a sinister development has been spotted over the New Year with a new UEFI malware, detected by Kasperksy’s firmware scanner logs, that implants malicious code into the motherboard’s Serial Peripheral Interface (SPI) Flash. The security researchers have dubbed this flash-resident UEFI malware ‘MoonBounce’.

Read more…