MoonBounce
From Wikipedia, the free encyclopedia
| MoonBounce | |
|---|---|
| Malware details | |
| Type | Bootkit |
| Classification | Rootkit |
| Author | APT41 |
| Technical details | |
| Platform | Microsoft Windows |

MoonBounce is a UEFI firmware-based rootkit. It is linked to the Chinese APT41 hacker group. MoonBounce was discovered by researchers at Kaspersky in 2021.[1] It can disable Windows security tools and bypass User Account Control.[2]
Data shows that the attacks are highly targeted.[3] The malware is a landmark in UEFI rootkit evolution.[4] It is the third known UEFI bootkit found.[citation needed]