
Code found online exploits LogoFAIL to install Bootkitty Linux backdoor


Unearthed sample likely works against Linux devices from Acer, HP, Fujitsu, and Lenovo.

Researchers have discovered malicious code circulating in the wild that hijacks the earliest stage of the boot process on Linux devices by exploiting a year-old firmware vulnerability on affected models where it remains unpatched. In this setup, the attacker uses the LogoFAIL exploit to enroll their own signing key without user interaction and can then replace the known-good GRUB and kernel with a backdoored version. It is still effectively a GRUB-based bootkit, however, and is not written into the BIOS firmware itself.

Dan Goodin is Senior Security Editor at Ars Technica, where he oversees coverage of malware, computer espionage, botnets, hardware hacking, encryption, and passwords.
