What is the name of a UEFI rootkit that is widely used by attackers to inject malware and automatically execute when the system starts up?

Prepare for the Certified Ethical Hacker Version 11 Exam with a comprehensive test featuring flashcards and multiple choice questions, each accompanied by hints and explanations to ensure a thorough understanding. Ace your ethical hacking exam with confidence!

Multiple Choice

What is the name of a UEFI rootkit that is widely used by attackers to inject malware and automatically execute when the system starts up?

Explanation:
Firmware-level persistence is achieved by targeting the system’s firmware so code runs before the operating system and can survive OS reinstalls. LoJax is a well-known UEFI rootkit that exemplifies this technique, having been discovered as a malicious component implanted in the UEFI firmware to load at boot and inject additional malware. Because it resides in the firmware, it can automatically execute during startup and remain persistent across reboots and OS changes, making detection and removal much harder than standard, OS-level infections. The other threats operate at different layers or targets—one aims at industrial control systems, another is a mass-infection botnet, and the last is a destructive wiper—so they don’t fit the boot-time, firmware-level persistence profile of a UEFI rootkit like LoJax.

