The “Russian hacker” has found a new weapon

Cybersecurity experts at ESET have announced that new attack tools have appeared in the arsenal of the Fancy Bear group. The finding was reported on the company's blog.


The cybercriminals are reported to be using a new UEFI rootkit (a program that hides the presence of viruses on the system). This is the first deployment of such a malicious module.

Experts warn that this is an extremely dangerous tool in the hands of criminals. It is difficult to detect, and it can survive security measures such as reinstalling the OS or replacing the hard disk drive. The experts named the Fancy Bear group (also known as Sednit, Sofacy and APT28) as the authors of the planned attack. These hackers have been repeatedly accused of having links with the Russian government.

Fancy Bear members also attack using the official software Computrace, or LoJack, which helps protect a computer in case of theft or loss. The cybercriminals rewrote its code to gain hidden control over machines.

The researchers dubbed the malicious product LoJax. The group has been shown to have used its various components in malicious attacks on several government organizations in the Balkans and in Central and Eastern Europe.

Most virus scanners cannot detect this kind of harmful program. Removing such software requires serious technical skills.

