Hacking Team's UEFI rootkit could enable persistent infections
If remote execution of code via Flash or Java vulnerabilities isn't irritating enough, the Hacking Team leaks could have opened the door to more persistent pwnage, too. Trend Micro warns of a UEFI rootkit developed by the gray-hat devs that's designed to make life miserable for victims with unsecured motherboards. Once it's flashed to the system's firmware, the rootkit ensures that Hacking Team's Remote Control System malware remains installed on the target machine by checking for its presence in Windows before the OS even boots. If the user somehow manages to purge the malware, the compromised firmware reinstalls it before allowing Windows to load.
Since the rootkit resides in firmware, reformatting or even replacing the boot volume is not sufficient to clean the infection. ...