TrickBot has released a new “TrickBoot” module which scans for vulnerable firmware and also has the ability to read, write and erase it on devices. The TrickBot malware has once again morphed and adapted, with the malware now being able to inspect the UEFI/BIOS firmware of targeted systems.
TrickBot has seen a major resurgence after it experienced a takedown of its infrastructure, headed by Microsoft and others, in October. The Windows Unified Extensible Firmware Interface (UEFI) is a specification that controls the operation of low-level platform firmware, which also includes the loading of the operating system.
