Gigabyte Firmware Flaw Allows UEFI Ransomware

At a security conference this week, a hacking team demonstrated that they could inject ransomware in the UEFI bios of certain Gigabyte motherboards. This is pretty hardcore at this level as software such as anti-virus, and even things like Acronis can't prevent and stop this kind of attack. With all the handy features UEFI brings, it also brings new threats. Hopefully these hackers stay working for the good guys and they Gigabyte patches things up real soon.

The second vulnerability is another lapse on Gigabyte's side, who forgot to implement a system that cryptographically signs UEFI firmware files. The second flaw also covers Gigabyte's insecure firmware update process, which doesn't check the validity of downloaded files using a checksum and uses HTTP instead of HTTPS. CERT/CC has issued an official Vulnerability Bote (VU#507496) for both flaws.

Source: BleepingComputer