Bootkitty: The Linux Bootkit Giving Windows-Only Hackers a Run for Their Money!

Meet Bootkitty, the first UEFI bootkit designed for Linux systems. Created by BlackCat, this proof-of-concept bootkit aims to bypass kernel signature verification. While not yet seen in the wild, it signals a shift in cyber threats, proving that UEFI bootkits aren’t a Windows-exclusive club anymore.


Hot Take:

Linux users, you thought you were safe from bootkits? Well, think again! Bootkitty is here to claw its way into your systems, proving that no operating system is safe from the purr-sistent advances of cyber mischief-makers. Who knew cats could be so interested in boots? Maybe they just want to play with the laces.

Key Points:

  • The first UEFI bootkit for Linux, named Bootkitty, is a proof-of-concept.
  • Bootkitty disables the kernel’s signature verification and loads unknown ELF binaries.
  • The bootkit is ineffective on systems with UEFI Secure Boot enabled unless compromised.
  • Discovery includes an unsigned kernel module capable of deploying further unknown modules.
  • No evidence links Bootkitty to the ALPHV/BlackCat ransomware group.
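
A defender-side check of the settings these key points turn on (Secure Boot state, module signature enforcement, and whether the running kernel has recorded an unsigned module), as an added example that is not from the article or from the researchers who found Bootkitty. It assumes the standard Linux efivarfs, sysfs and procfs paths; a kernel that has already been patched at boot can misreport all three, so treat the output as a hygiene baseline rather than proof of a clean system.

```python
"""Report the boot-integrity settings named in the key points above."""
from pathlib import Path

# Standard EFI global-variable GUID; the file holds 4 attribute bytes, then the value.
SECUREBOOT_VAR = Path(
    "/sys/firmware/efi/efivars/SecureBoot-8be4df61-93ca-11d2-aa0d-00e098032b8c")
SIG_ENFORCE = Path("/sys/module/module/parameters/sig_enforce")
TAINTED = Path("/proc/sys/kernel/tainted")

# Kernel taint bits that relate to module loading.
TAINT_BITS = {1: "module was force-loaded",
              12: "out-of-tree module loaded",
              13: "unsigned module loaded"}

def secure_boot_enabled(path=SECUREBOOT_VAR):
    """True/False from the SecureBoot variable; None if it cannot be read
    (legacy BIOS boot, efivarfs not mounted)."""
    try:
        raw = Path(path).read_bytes()
    except OSError:
        return None
    return raw[4] == 1 if len(raw) >= 5 else None

def sig_enforce_enabled(path=SIG_ENFORCE):
    """True if the kernel rejects unsigned modules; None if the knob is absent."""
    try:
        return Path(path).read_text().strip() == "Y"
    except OSError:
        return None

def module_taints(path=TAINTED):
    """Module-related taint reasons recorded by the running kernel."""
    try:
        value = int(Path(path).read_text().strip())
    except (OSError, ValueError):
        return []
    return [why for bit, why in TAINT_BITS.items() if value >> bit & 1]

def findings(secure_boot, sig_enforce, taints):
    """Anything not positively confirmed is reported, so None counts as a finding."""
    out = []
    if secure_boot is not True:
        out.append("UEFI Secure Boot is not confirmed enabled")
    if sig_enforce is not True:
        out.append("module signature enforcement is not confirmed on")
    return out + list(taints)

if __name__ == "__main__":
    result = findings(secure_boot_enabled(), sig_enforce_enabled(), module_taints())
    print("\n".join(result) if result else "no findings")
```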
