ESET Research podcast
Finding the mythical BlackLotus bootkit

Update: 2023-07-12
Description

Towards the end of 2022, an unknown threat actor boasted online that they created a new and powerful UEFI bootkit called BlackLotus. Its most distinctive feature? It could mysteriously bypass UEFI Secure Boot, a feature built into all modern computers to prevent them from running unauthorized software. What at first sounded like a myth turned into reality a few months later when ESET researchers discovered a sample that perfectly matched all the mentioned attributes of a UEFI bootkit known as BlackLotus. Listen to the fascinating story of ESET Malware Researcher Martin Smolár describing his threat hunt to our host ESET Distinguished Researcher Aryeh Goretsky. For more info about this research, read the blogpost on WeLiveSecurity.com.


Host: Aryeh Goretsky, ESET Distinguished Researcher

Guest: Martin Smolár, ESET Malware Researcher

Materials: BlackLotus UEFI bootkit: Myth confirmed
