DeFi Hack Recovers Stolen Funds; Blacklotus Bypasses Windows Secure Boot
Tags
country: Russia
maec-delivery-vectors: Watering Hole
attack-pattern: Data Bootkit - T1542.003 Firmware - T1592.003 Malware - T1587.001 Malware - T1588.001 Phishing - T1660 Phishing - T1566 Software - T1592.002 Bootkit - T1067 Rootkit - T1014 Rootkit
Show in Graph
Common Information
Type Value
UUID 9ad69659-48ff-42fd-89ac-cc41cce13839
Fingerprint af3c19d9af3be78c
Analysis status DONE
Considered CTI value 1
Text language
Published March 9, 2023, midnight
Added to db March 9, 2023, 11:56 a.m.
Last updated Nov. 17, 2024, 5:57 p.m.
Headline DeFi Hack Recovers Stolen Funds; Blacklotus Bypasses Windows Secure Boot
Title DeFi Hack Recovers Stolen Funds; Blacklotus Bypasses Windows Secure Boot
Detected Hints/Tags/Attributes 51/3/13
Source URLs
Redirection Url
Details Source https://blog.eclecticiq.com/defi-hack-recovers-stolen-funds-blacklotus-bypasses-windows-secure-boot
URL Provider
Details Provider Source level domain
Details eclecticiq.com blog.eclecticiq.com
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 32 EclecticIQ Blog https://blog.eclecticiq.com/rss.xml 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details CVE 48 
cve-2022-21894
Details Domain 49 
eclecticiq.com
Details Domain 262 
www.welivesecurity.com
Details Domain 32 
www.techtarget.com
Details Domain 5 
bbs.360.cn
Details Domain 403 
securelist.com
Details Email 47 
research@eclecticiq.com
Details File 2 
thread-14959110-1-1.html
Details Url 2 
https://www.blockworksresearch.com/research/we-do-a-little-counter-exploit#the
Details Url 3 
https://www.welivesecurity.com/2023/03/01/blacklotus-uefi-bootkit-myth-confirmed
Details Url 2 
https://www.techtarget.com/whatis/definition/unified-extensible-firmware-interface-uefi
Details Url 2 
https://bbs.360.cn/thread-14959110-1-1.html
Details Url 2 
https://securelist.com/cosmicstrand-uefi-firmware-rootkit/106973