Supermicro and Pulse Secure have released advisories warning that some of their motherboards are vulnerable to the TrickBot malware’s UEFI firmware-infecting module, known as TrickBoot.
Last year, cybersecurity firms Advanced Intelligence and Eclypsium released a joint report about a new malicious firmware-targeting ‘TrickBoot’ module delivered by the notorious TrickBot malware.
When executed, the module will analyze a device’s UEFI firmware to determine if it has ‘write protection’ disabled. If it is, the malware contains the functionality to read, write, and erase the firmware.
Source: Bleeping Computer