Threat Actor Selling UEFI BootKit BlackLotus On Hacking Forums

The threat actor is supposedly selling a brand new UEFI bootKit named BlackLotus on hacking forums, which is commonly linked with state-sponsored hacking groups. According to the seller, the malware includes features like integrated Secure Boot bypass, built-in Ring0/Kernel protection against removal, anti-virtual-machine, anti-debug, and other features. The bootkit can also bypass standard protection mechanisms such as User Account Control (UAC) and can disable Windows Defender. Read more...  

Read More

Got Something To Say?

Your email address will not be published.