Collaborative research between Advanced Intelligence (AdvIntel) and Eclypsium has discovered that TrickBot malware now has functionality designed to inspect and potentially target the UEFI/BIOS firmware of targeted systems. This new functionality, dubbed “TrickBoot,” makes use of open-source tools to check devices for a vulnerability that can allow Trickbot operators to read, write, or erase the UEFI/BIOS firmware of a device. This new capability targets all Intel-based systems produced in recent years and is one line of code away from bricking any device it finds to be vulnerable.
In this webinar, Vitali Kremez, one of the world’s leading authorities on TrickBot and the cybercriminal threat landscape, joins industry thought leader Scott Scheferman and esteemed Principal Researcher Jesse Michael to provide key insights, implications, and mitigations for one of the biggest discoveries of 2020: Trickboot. You’ll learn:
- How Trickbot’s new TrickBoot module works and why it’s so dangerous
- Which systems are vulnerable and how to assess your risk
- What the risk implications are for missions, enterprises, and critical infrastructure
- What steps you need to take to get ahead of this development and keep Trickbot from bricking your devices or planting persistence at the firmware level.