Researchers have discovered malicious code circulating in the wild that hijacks the earliest stage boot process of Linux devices by exploiting a year-old firmware vulnerability when it remains unpatched on affected models.

The critical vulnerability is one of a constellation of exploitable flaws discovered last year and given the name LogoFAIL. These exploits are able to override an industry-standard defense known as Secure Boot and execute malicious firmware early in the boot process. Until now, there were no public indications that LogoFAIL exploits were circulating in the wild.

The discovery of code downloaded from an Internet-connected web server changes all that. While there are no indications the public exploit is actively being used, it is reliable and polished enough to be production-ready and could pose a threat in the real world in the coming weeks or months. Both the LogoFAIL vulnerabilities and the exploit found on-line were discovered by Binarly, a firm that helps customers identify and secure vulnerable firmware.

    • @davidgro
      link
      English
      2515 days ago

      A famous one of these was the headline

      Galaxy Nexus: Android Ice Cream Sandwich Guinea Pig

      • @LorIps
        link
        English
        214 days ago

        I can’t read this either.

        • @GeneralVincent
          link
          English
          714 days ago

          Pretty sure it means

          Galaxy Nexus (the smartphone): Android (OS) Ice Cream Sandwich (OS Version) Guinea Pig (Test Subject)

          (So the new Android OS version, Ice Cream Sandwich, is being tested on the Galaxy Nexus phone)

        • @[email protected]
          link
          fedilink
          English
          3
          edit-2
          14 days ago

          Galaxy Nexus

          Android phone by Google released ~15 years ago.

          Android Ice Cream Sandwich

          Android 4.0

          Guinea Pig

          First to try something.

          Make sense?

    • @mdurell
      link
      English
      1515 days ago

      It would probably be blank. The literacy rate wasn’t particularly great back then.

    • @PushButton
      link
      English
      -414 days ago

      If you see a kitty cat during the boot, format / put your bios’ keys to “factory” and reinstall.

      Not a big deal.

      • @mint_tamas
        link
        English
        1114 days ago

        Surely a malware that’s not a POC will not display an obvious logo to notify users of its presence?

        • @[email protected]
          link
          fedilink
          English
          -114 days ago

          You overestimate both the competence of malware developers and the perceptiveness of users.