UEFI rootkit

GPTKB entity

Statements (23)
Predicate Object
gptkbp:instanceOf malware, rootkit
gptkbp:can_be_installed_by physical access, remote exploitation
gptkbp:can_evade OS-level security tools
gptkbp:can_modify UEFI boot process
gptkbp:can_survive hard drive replacement
gptkbp:canBe gptkb:remote_control, espionage, data theft, persistence
gptkbp:canBeBypassedBy traditional antivirus
gptkbp:detects firmware integrity tools
gptkbp:discoveredBy 2018
https://www.w3.org/2000/01/rdf-schema#label UEFI rootkit
gptkbp:notableExample gptkb:CosmicStrand, gptkb:MoonBounce, gptkb:LoJax
gptkbp:persists_after operating system reinstall
gptkbp:provides persistent access
gptkbp:target UEFI firmware
gptkbp:bfsParent gptkb:LoJax
gptkbp:bfsLayer 6