Bootkit

Short bio - A bootkit is a type of malicious infection which targets the Master Boot Record located on the physical motherboard of the computer. Attaching malicious software in this manner can allow for a malicious program to be executed prior to the loading of the operating system.

The primary benefit to a bootkit infection is that it cannot be detected by standard operating systems processes because all of the components reside outside of the Windows file system.

Bootkit infections are on the decline with the increased adoption of modern operating systems and hardware utilizing UFEI and Secure Boot technologies.

Symptoms

Well-crafted bootkit infections may provide little indication of compromise as pertinent files may be hidden from the operating system and security defenses present on the computer. More often, bootkit infections may cause system instability and result in Blue Screen warnings or an inability to launch the operating system. Some bootkit infections may display a warning and demand payment via digital currency to restore the computer to an operational capacity. Malwarebytes recommends to never pay these types of ransom.

Type and source of infection

Bootkits were historically spread via bootable floppy disks and other bootable media. Recent bootkits may be installed using various methods, including being disguised as harmless software program and distributed alongside free downloads, or targeted to individuals as an email attachment. Alternatively, bootkits could be installed via a malicious website utilizing vulnerabilities within the browser. Infections that happen in this manner are usually silent and happen without any user knowledge or consent.

Protection

Malwarebytes can scan and detect for the presence of some bootkit infections. These detections utilize a specific set of rules and tests to determine if a bootkit infection is present on the computer. This testing method is more intensive and more effective, but including rootkit scans as part of your overall scan strategy increases the time required to perform a scan.

Remediation

Malwarebytes can detect and remove many Bootkit infections without further user interaction. More advanced infections may require rebuilding of the Master Boot Record

Please download Malwarebytes to your desktop.

Double-click MBSetup.exe and follow the prompts to install the program.

When your Malwarebytes for Windows installation completes, the program opens to the Welcome to Malwarebytes screen.

Click on the Get started button.

Click Scan to start a Threat Scan.

Click Quarantine to remove the found threats.

Reboot the system if prompted to complete the removal process.

Do some research on bootkit and find out how it works. Here is one link:

Select one program from the list and find out how it works.

Answer the following questions:

Write how the bootkit based malware works.

If you suspect that your computer is infected by this bootkit malware, what will you do?

x M Malwarebytes Premium 344 Malwarebytes I PREMIUM My Account Dashboard Application Protection Scan Schedule Exclusions Account Details About Scan Scan Options Scan for rookies Quarantine On Reports Scan within archives On Use signature-less anomaly detection for increased protection Settings On Potential Threat Protection Potentially Unwanted Programs (PUP) Always detect PUPs (recommended) Potentially Unwanted Modifications (PUMS) Always detect PUMs (recommended) Updates Automatically check for updates On Quick Tour