CosmicStrand malware targets old Asus and Gigabyte motherboards

A novel malware named CosmicStrand is said to be targeting the old motherboards offered by Asus and Gigabyte and the crux is that it can survive operating system re-installs and it survives in Unified Extensible Firmware Interface (UEFIs) unlike just the storage drive.

Russia-based cybersecurity firm Kaspersky confirmed this news as its researchers have discovered the malware propelling on old Microsoft machines since Dec’16.

CosmicStrand has reportedly claimed victims from Russia, China, Vietnam and Iran and so the intelligence from Kremlin feels the malware was developed by West and aimed to gather intelligence from individuals.

The only good news is that the malware has so far infected Intel H81 Chipsets that were induced into the market in 2013 and has capabilities to give full control to remote hackers.

As of now, information is out that the Cosmic Strand gained its presence from another malware strain and was devised to extract, modify and overwrite the motherboards firmware.

What’s interesting about this malware is that it was existing from the past 4-5 years and Chinese antivirus vendor Qihoo 360 discovered it for the first time in 2017.

But somehow the said malicious software hid for several years and was dug out and revealed to the world by Kaspersky.

NOTE- In the year 2017, Qihoo 360 said in its security report that Cosmic Strand was backdoor-ed on the Asus B85M motherboards by a vendor in the supply chain. If that is true, then how come the notion that the malware was developed by West started on Twitter, Reddit and on few Telegram?

Ad
Join over 500,000 cybersecurity professionals in our LinkedIn group "Information Security Community"!
Naveen Goud
Naveen Goud is a writer at Cybersecurity Insiders covering topics such as Mergers & Acquisitions, Startups, Cyber Attacks, Cloud Security and Mobile Security

No posts to display