UEFI rootkit

URI: https://gptkb.org/entity/UEFI_rootkit

GPTKB entity

Predicate	Object
gptkbp:instanceOf	malware rootkit
gptkbp:can_be_installed_by	physical access remote exploitation
gptkbp:can_evade	OS-level security tools
gptkbp:can_modify	UEFI boot process
gptkbp:can_survive	hard drive replacement
gptkbp:canBe	gptkb:remote_control espionage data theft persistence
gptkbp:canBeBypassedBy	traditional antivirus
gptkbp:detects	firmware integrity tools
gptkbp:discoveredBy	2018
https://www.w3.org/2000/01/rdf-schema#label	UEFI rootkit
gptkbp:notableExample	gptkb:CosmicStrand gptkb:MoonBounce gptkb:LoJax
gptkbp:persists_after	operating system reinstall
gptkbp:provides	persistent access
gptkbp:target	UEFI firmware
gptkbp:bfsParent	gptkb:LoJax
gptkbp:bfsLayer	6