LoJack for computers used to attack European government bodies | Advanced Mobile Spy Software
Security researchers have detected the first known instance of a UEFI bootkit being used in targeted campaigns against government entities across Central and Eastern Europe. The attack focuses on UFEI-enabled computers and relies on a persistence mechanism that has been stolen from a legitimate, but often questioned, software called Computrace that comes by default on many computer systems. This Computrace agent from Absolute Software is a service designed to recover lost or stolen computers, the underlying technology of which is based on the LoJack Stolen Vehicle Recovery System. In 2005, Absolute Software licensed the LoJack name and subsequent tracking technology to aid in recovery efforts of stolen computers. After negotiations with manufacturers, the Computrace agent from Absolute Software—or LoJack for computers—now comes pre-loaded on a large number of machines. The Computrace software uses a novel method to maintain persistence on computers. This methodology allows the code to