What is MoonBounce Malware?
Experts say that the malware is difficult to detect, even with security software. Malware that cannot be detected easily is also hard to remove. It is still believed that APT41 is behind the newly discovered malware. APT41 is a group of cybercriminals that is allegedly associated with the Chinese government.
Why is MoonBounce Malware difficult to remove and detect?
Once MoonBounce is activated, it can maintain access to the host computer. It can also be used to infect the computer with further malware. Unlike other malware, which is stored in your files or downloaded apps, MoonBounce hides itself in the BIOS chip. The BIOS resides in a ROM chip on the motherboard and lets users access and set up the PC at the most basic level. As a result, formatting the hard drive or reinstalling the OS does not remove the malware.
MoonBounce isn’t the first UEFI malware that has been discovered
Since 2019, Kaspersky has seen rapid growth in Unified Extensible Firmware Interface (UEFI) malware threats. MoonBounce is the most recent discovery, but the likes of LoJax and MosaicRegressor were discovered before it. The difference is that MoonBounce shows “significant advancement” and is more dangerous. Kaspersky also noted that the MoonBounce malware is hidden within UEFI
How to protect your computer system from MoonBounce Malware
Kaspersky suggests several measures to avoid falling victim to MoonBounce:
- Keep the UEFI firmware up to date, with updates taken directly from the manufacturer.
- Make sure that BootGuard is turned on.
- Enable the Trusted Platform Module (TPM).
- Install security software that can scan system firmware, so that measures can be taken if UEFI malware is detected.
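
The checklist above can be partly verified from a running Linux system. The script below is an added example, not code from Kaspersky or from this article; it assumes a Linux host with the standard sysfs paths, and the function names and the two-year `MAX_AGE` threshold (a rough proxy for "up to date") are illustrative choices.

```shell
#!/bin/sh
# Added example: read-only check of the firmware settings listed above.
# Each function takes a root prefix ("" on a real Linux host) so the same
# checks can run against a constructed tree. Boot Guard state is not exposed
# through these sysfs paths, so it is not checked here.
MAX_AGE=2   # assumption: flag firmware dated two or more calendar years back

boot_mode() {   # "uefi" if the kernel exposes EFI runtime data, else "legacy"
    if [ -d "$1/sys/firmware/efi" ]; then echo uefi; else echo legacy; fi
}

tpm_state() {   # TPM major version, "unknown", or "absent"
    dev="$1/sys/class/tpm/tpm0"
    if [ ! -d "$dev" ]; then echo absent
    elif [ -r "$dev/tpm_version_major" ]; then cat "$dev/tpm_version_major"
    else echo unknown; fi
}

firmware_age_years() {   # $2 = current year; DMI date format is MM/DD/YYYY
    f="$1/sys/class/dmi/id/bios_date"
    [ -r "$f" ] || { echo unknown; return; }
    year=$(sed -n 's#^[0-9]*/[0-9]*/\([0-9][0-9][0-9][0-9]\)$#\1#p' "$f")
    if [ -n "$year" ]; then echo $(( $2 - year )); else echo unknown; fi
}

audit() {   # prints one line per finding, then the finding count
    n=0
    [ "$(boot_mode "$1")" = uefi ] || { echo "WARN legacy boot, UEFI protections not in use"; n=$((n+1)); }
    [ "$(tpm_state "$1")" != absent ] || { echo "WARN no TPM device visible to the OS"; n=$((n+1)); }
    age=$(firmware_age_years "$1" "$2")
    case "$age" in
        unknown) echo "WARN firmware date unreadable"; n=$((n+1)) ;;
        *) [ "$age" -lt "$MAX_AGE" ] || { echo "WARN firmware dated $age years back, check the vendor site"; n=$((n+1)); } ;;
    esac
    echo "findings=$n"
}

# Constructed sample tree (not from a real host): UEFI boot, TPM 2.0, 2014 firmware.
demo=$(mktemp -d)
mkdir -p "$demo/sys/firmware/efi" "$demo/sys/class/tpm/tpm0" "$demo/sys/class/dmi/id"
echo 2 > "$demo/sys/class/tpm/tpm0/tpm_version_major"
echo "03/10/2014" > "$demo/sys/class/dmi/id/bios_date"
audit "$demo" 2022
# On a real host: audit "" "$(date +%Y)"
```

A clean result only confirms the settings the operating system can see; it does not show that the firmware image itself is unmodified, which is what firmware-scanning software is for.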
How to get rid of MoonBounce malware?
The malware is said to be a bootkit. So, it can only be removed by performing a complex process known as SPI memory re-flashing. The other option, which is extremely costly, is to replace the system’s motherboard.