China virus - of the UEFI flavour - :O

Karl gmkarl at
Wed Oct 7 13:59:17 PDT 2020

BTW there is a new UEFI and human behavior vulnerability discovered.

To state the obvious, there are even more undiscovered ones, and many are
using them.

To state the unobvious, nobody is discussing what to do about that anymore,
which means we're all hacked, and we don't know by whom.


On Tue, Oct 6, 2020, 7:47 AM Zenaan Harkness <zen at> wrote:

> Another China virus ("read my lips: Chai-nah vai-russ"), this time going
> all the way down to the mobo's UEFI:
>    Kaspersky Finds Sophisticated UEFI Malware in the Wild
>       ... MosaicRegressor .. The infection was discovered on just two
>       computers, both belonging to diplomatic officials in Asia. The full
>       exploit chain is long and varied, allowing the attackers to load
> multiple
>       modules to control the target system and steal data. However, it all
>       starts with the UEFI loader. On each boot, MosaicRegressor checks to
> see
>       if its malicious “IntelUpdate.exe” file is in the Windows startup
> folder.
>       If not, it adds the file.
>       ...
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: text/html
Size: 1802 bytes
Desc: not available
URL: <>

More information about the cypherpunks mailing list