Like all malware, Bootkitty (the name of the bootkit version for Linux) is used to hack computers, but if the Trojan was previously used to hack Windows devices, now attackers have begun to use this software to attack Linux. This software often modifies the boot sector of the hard drive so that it is not deleted when the operating system is reinstalled and remains active on a new system.
Security experts believe that the main purpose of a boot kit in Linux is to disable kernel signature verification and load third-party files during the startup process. But malware doesn’t always work: The software is most likely in an early stage of development. This is evidenced by a special certificate that does not work on an operating system with the Secure Boot function enabled, limiting the scope of the boot kit to several Ubuntu distributions.
Source: Ferra
I am a professional journalist and content creator with extensive experience writing for news websites. I currently work as an author at Gadget Onus, where I specialize in covering hot news topics. My written pieces have been published on some of the biggest media outlets around the world, including The Guardian and BBC News.
