ESET security researchers find rootkit that survives OS reinstall and HDD replacement

Originally published at:

Researchers from antivirus vendor ESET report they have discovered the first ever UEFI rootkit that has been actively used in the wild, one that can survive a reinstall of the operating system and the replacement of the HDD. The rootkit has reportedly been used by a Russian hacker group.

First off, I hate UEFI! I hate working with it. I hate fighting to set up boot environments. I hate worrying about buying a computer and being stuck with Windows because the manufacturer won’t let me unlock the stupid thing. Above all, I HATE trying to get other people’s broken computers to boot into anything other than broken Windows systems.

Second off, I guess I’m right to avoid using UEFI booting. You can have my “legacy” boot setups when you pry them from my cold, dead hands!

Third off… did I just read advice from security experts giving a reason why “secure” boot is more “secure” than non-“secure” UEFI booting? I never thought I would see the day. :wink: