💀Worst Computer Virus: BIOS Virus | Motherboard Virus | Antivirus | UEFI Rootkit

30 Sep 2023
15,170 views

▶️Watch Part 1: • 💀 Worst Computer Virus...
Scanners that detect Lojax:
🔗 Aura: aura.com/nico
🔗 ESET Smart Security: www.jdoqocy.com/click-1004721...
🔐 Unveiling Lojax: The UEFI Firmware Rootkit You Can't Ignore 🔐
Welcome to a gripping exploration of cybersecurity's darkest corners: "Lojax - UEFI Firmware Rootkit Exposed." 🌐🔍
Embark on a spine-chilling expedition through the annals of cyberspace as we unveil the most treacherous computer viruses ever created. In this nerve-wracking video, we delve into the disturbing tales of malicious software that left a trail of chaos and disruption in their wake.
🛡️ THE THREAT UNLEASHED: Prepare to be gripped by the harrowing stories of infamous computer viruses that spread like wildfire, infiltrating networks, and causing unimaginable damage. Witness how these digital monsters evolved over the years, leaving a lasting impact on the digital landscape.
Ransomware:
Ransomware is a type of malware that encrypts a user's files and demands a ransom to restore access. Notorious examples include WannaCry and NotPetya.
Trojans:
Trojans disguise themselves as legitimate software to gain access to a system, often allowing unauthorized access or data theft. They can be highly destructive and may open a backdoor for other malware.
Spyware:
Spyware covertly collects information about a user's activities without their knowledge, including passwords, browsing habits, and sensitive data. It often aims to steal personal and financial information.
Worms:
Worms are self-replicating malware that spread across networks, exploiting vulnerabilities and consuming system resources. They can propagate rapidly and cause widespread damage.
Botnets:
Botnets consist of a network of compromised computers controlled by a central server, typically used to conduct distributed denial-of-service (DDoS) attacks, spam campaigns, or data theft.
Rootkits:
Rootkits are stealthy malware that hide within a system, granting unauthorized access and control over the computer. They are difficult to detect and remove.
Adware:
Adware displays unwanted advertisements on a user's device, often causing slowdowns and hindering the user experience. In some cases, it may collect user data to target ads.
Keyloggers:
Keyloggers record keystrokes, capturing sensitive information such as passwords, credit card numbers, and login credentials. They can transmit this data to malicious actors.
Fileless Malware:
Fileless malware resides in system memory, making it difficult to detect using traditional antivirus solutions. It leverages existing system tools and processes to execute malicious actions.
Malicious Mobile Apps:
Malicious applications on mobile devices can steal personal information, track user activities, or exploit vulnerabilities to compromise the device.
Drive-by Downloads:
Drive-by downloads automatically download malware onto a user's device when they visit a compromised or malicious website, often exploiting vulnerabilities in the browser or plugins.
Phishing Attacks:
While not a type of malware, phishing attacks involve tricking users into revealing sensitive information such as passwords or credit card numbers. Phishing often accompanies malware distribution.
Understanding these dangerous types of malware is crucial for maintaining a strong defense against cyber threats and adopting proactive security measures. Stay informed and prioritize cybersecurity to protect your digital assets and data.
Download Tron Script: / tronscript

Comments
  • Have you guys ever encountered a virus that was hard to remove?

    @NicoKnowsTech, 7 months ago
    • dealing with one at the moment pretty sure about it

      @ToPAwDDeR1846, 7 months ago
    • Sorry to hear that but glad you are telling me. I would be happy to advise you. Can you tell me a little about your infection?

      @NicoKnowsTech, 7 months ago
    • @NicoKnowsTech I think I have a virus on one of my computers that survives a reinstall of Windows. This time I wiped my drives with secure erase on my MSI motherboard and flashed my BIOS. Will that fix it, or is there another way without buying a new motherboard?

      @brantbolton1284, 6 months ago
    • Def not in the position to purchase a new motherboard, CPU, RAM, and CPU cooler.

      @brantbolton1284, 6 months ago
    • Yes😢

      @peppiino, 6 months ago
  • the effort you put in... these are great!! keep up the work man :)❤

    @awoou, 7 months ago
    • I will do my absolute best!

      @NicoKnowsTech, 7 months ago
  • Here's the worst part about UEFI malware. UEFI was meant to be more secure but it is literally less secure and more buggy. Intel and AMD forced UEFI to include spyware by putting code for the Intel Management Engine inside of the firmware (AMD has their own version of Intel ME too). What's worse about UEFI is that it gives these viruses network support. As UEFI can connect to the internet (there's no reason why UEFI should have network support but it has it for some reason), it means that malware can easily access the web. Their claims to make it more secure than BIOS was a flat out lie. What's worse is that UEFI is mostly proprietary. While it's true that most UEFI firmware is based on the open source TianoCore, TianoCore still requires proprietary Intel blobs in order to run. On top of that it's then modified by companies like AMI and Phoenix to include even more proprietary stuff in it, and then sold to motherboard manufacturers. Even worse is that they block you from flashing anything else. The worst thing however is the fact that it's up to the motherboard manufacturer to include a patch for these exploits that UEFI rootkits use, and most of the time they don't release a patch or fix.

    @hunterrules0_o, 7 months ago
    • Well stated and insightful comment!

      @NicoKnowsTech, 7 months ago
    • @NicoKnowsTech thanks man. this was an excellent video as well.

      @hunterrules0_o, 7 months ago
  • thank you so much for covering this, appreciate the effort you've put in, you're the man

    @liameyles1450, 7 months ago
    • That means so much to me hearing that. You make all the hard work worth it!

      @NicoKnowsTech, 7 months ago
  • These videos are amazing and really helpful!! Appreciate it from you Nico!

    @Cloudinite., 7 months ago
    • Oh snap! Thank you! Really appreciate you telling me.

      @NicoKnowsTech, 7 months ago
  • Thanks. Great coverage of some sinister hacker bits ... Subscribed ... Cheers

    @algorithminc.8850, 7 months ago
    • Thanks for the sub and for the comment! Glad to have you.

      @NicoKnowsTech, 7 months ago
  • Can't wait for part 3

    @farp6561, 7 months ago
    • Working on it now!

      @NicoKnowsTech, 7 months ago
  • keep up the good work man

    @mackharris879, 7 months ago
    • I will do my best!

      @NicoKnowsTech, 7 months ago
  • Very cool Nico. Good on you!

    @r3tri3ution_z3nith_point_z6, 5 months ago
  • You meant Live Guard :-) Live Grid is another more basic feature of ESET. Great video 😁

    @tivtag, 7 months ago
    • Maybe they are both features of ESET, but I did mean LiveGrid. help.eset.com/glossary/en-US/technology_livegrid.html

      @NicoKnowsTech, 7 months ago
    • @NicoKnowsTech LiveGuard is ESET's premium cloud sandbox feature. I was pretty confused about LiveGrid vs LiveGuard myself. For 0-days you’ll want LiveGuard. :-)

      @tivtag, 7 months ago
  • I have been running ESET's product for over 10 years [have not been infected during that time; I would consider myself a pretty "average" (internet) user ; aware of threats but not overly cautious]

    @TestTest-eb8jr, 7 months ago
    • That is great to hear buddy!

      @NicoKnowsTech, 7 months ago
  • Great job! I sincerely appreciate your thoroughness in sharing the latest virus details. Your dedication is truly admirable, and I am immensely grateful for your valuable insights.

    @techsostip, 7 months ago
    • Wow thanks! I really needed to hear that right now. It has been a hard road but worth the outcome!

      @NicoKnowsTech, 7 months ago
  • I have a strong suspicion that I was infected by one of these pests, how can I reliably send a log of my computer for you to analyze? I suspect it was recorded in the bios of a video card from China I really need help, I'm trying the steps in the other video to remove persistent malware, but believe it or not the malware protected against this

    @gui.saito_cwb, 5 months ago
  • Hey Niko i download a song from KZhead and my dj software started freezing, i then did the cleanup you suggested and even though it got much better i still get some freezing hiccups about every hour when playing my music so i believe i still got a bug in my system, any suggestions please let me know soon thank you.

    @user-tr3yt7ky4w, 7 months ago
    • Did you check my video on how to detect viruses? Might want to see if you have an infection.

      @NicoKnowsTech, 7 months ago
  • My Asus laptop compromised. BIOS updated, deleted and formatted SSD, reinstall Windows. But nothing works. It is continuously showing its location to China. And hacker asking 1800usd. Helpless

    @AshokSihmar, 5 months ago
    • Maybe using an SPI BIOS tool (+BIOS repair kit) to rewrite the BIOS chip itself.

      @terraincognita2973, 2 months ago
    • Hi, my friend got his computer infected too. We tried erasing everything and updating the bios and it always came back. BUT we found a solution : flashing every update of the bios from the first one to the last one without booting the motherboard itself. It rewrote the entire bios with clean firmware and it seems to have saved his computer. (We erased the whole memory too and flash a new OS)

      @frankykranky2992, 1 month ago
  • Hi bro, I want to copy data from external hdd to internal SSD do you know any fast way to copy large files?

    @v9956, 7 months ago
  • Isn't this anbevilware thing as I run Linux and restrict updates from known sw providers?

    @terrygolden7726, 28 days ago
  • Hi nico I like your content, I'm a new subscriber. I downloaded a torrent and got a trojan virus. I factory reset my computer. And it was still there. I want to remove it offline if I can. Do you recommend USB Windows 10 recovery like Norton and which do you recommend. I will do it in boot safe mode. If you can do a video I'm sure it will help people out. Thanks

    @petertaylor4758, 7 months ago
    • I will get right on that!

      @NicoKnowsTech, 7 months ago
    • @NicoKnowsTech thank you very much. I'm learning a lot from you. I want to try Tron as a last resort. I'm not very good on computers. I can tell you are a good content provider, and you care about your community

      @petertaylor4758, 7 months ago
    • @petertaylor4758 I think I am having the same issue. Tron did not seem to work because the file was not able to be opened. It seems the computer connects to another computer as soon as I can connect to the internet after installing Windows. Hopefully disconnecting from the internet will give me time to find and delete the file without them stopping me. But I think I either missed some or I don’t have access or authority to remove certain files. I don’t know enough to just delete files from the system or program files but I think that is where things can be fixed. But describing this is difficult and I doubt I grasp it fully.

      @israelgarcia7801, 2 months ago
    • @israelgarcia7801 I haven't sorted out my laptop yet. I don't use it on Internet and rarely use it. What I suggest is download Tron in another computer that is virus free. Then boot your computer in safe mode. I think Windows isn't active then. Put in USB and try to install Tron from there, obviously with Internet off. Let me know if you get rid of virus. It might help me

      @petertaylor4758, 2 months ago
    • USB memory stick lol

      @petertaylor4758, 2 months ago
  • I am fully infected with everything in this video. 28 devices, 2 vehicles and no control going forward. Can you please help me?

    @N.Mc.-hr1nj, 18 days ago
  • How do I know if my PC is infected with UEFI virus? Just scan with ESET?

    @LegionRides, 7 months ago
    • Correct. That is why I am only recommending them for antivirus. If ESET says you are clean then you absolutely do NOT have a UEFI Malware.

      @NicoKnowsTech, 7 months ago
    • Thanks very much! I'm scanning with ESET free trial period right now.

      @LegionRides, 7 months ago
  • Hi nico, your content's great. I been trying to get rid of a serious virus or malware I have and nothing seemed to be working. Now I see this, I believe I may have a LoJax. I have done multiple Windows installs, used multiple antivirus, tronscript, I’m onto medicat, but the virus seems to reinstall every startup. Any help would be great 👍🏼

    @frxstyybwoyy1939, 7 months ago
    • Scan with ESET. It will tell you if there is an infection or tampering there.

      @NicoKnowsTech, 7 months ago
    • @NicoKnowsTech thanks for the response, would ESET be able to remove it? I have used medicat and I can confirm it’s a UEFI malware as it’s persistent and it resides on drive X the boot files. I have almost given up but I will try ESET. I wanted to ask, is there any chance the malware could spread to my other hardware like GPU and RAM?

      @frxstyybwoyy1939, 6 months ago
    • @frxstyybwoyy1939 ESET will validate if you indeed have a UEFI infection. Medicat is what we call "oversensitive" and it may be a false positive.

      @NicoKnowsTech, 6 months ago
    • reinstall with a USB. reinstalling windows from windows will just redownload the same drivers you're using.

      @cattameme, 6 months ago
  • Could these viruses be spread through purchasing hardware? If so what kind? Do we not buy hokey brands? Could a compromised video card firmware spread virii? Could compromised or malicious hardware install these uefi virii?

    @BuPhoonBaba, 1 month ago
  • Hi. I am using Kaspersky Premium. I know Kaspersky knows about UEFI threats. In my understanding Kaspersky must be able to defend these threats too?

    @bigdaddycool1000, 7 months ago
    • Technically yes however it must be a known Malware and match signatures or else Kaspersky will miss it.

      @NicoKnowsTech, 7 months ago
    • @NicoKnowsTech Thx for answering. I'm asking because I believe that Kaspersky still is one of the best AV vendors.

      @bigdaddycool1000, 7 months ago
    • I would agree. 👍

      @NicoKnowsTech, 7 months ago
  • Subscribed! Three questions from a user + that is broadening out his knowledge. 1) Are these firmware viruses a threat to Linux distributions as well? I understand that these viruses are introduced into the firmware/BIOS, however, the "carrier" seems to be mostly Windows. Am I wrong? 2) Why is TPM 2.0 and Intel 8th gen + processors being mandated by Windows 11 in about a year? Is it because of these types of viruses? 3) What does TPM do for security?

    @FarmerRiddick, 1 month ago
  • One of my computers got infected. All of my computers are protected by ESET Endpoint Security. The user installed some software with hacked license and that was the source as far as I know. I did try BIOS update but the virus is still there. It's maybe not a virus. ESET says -a variant of EFI/ CompuTrace.A potentially unsafe application- unable to clean message starts \\Uefi Partition >> UEFI >> uefi:\\Volume 6\Firmware Volume Image. Any suggestions?

    @loustenmmts, 1 month ago
  • I'm currently trying to get rid of a I guess a bios bootkit, PITA.

    @DJTSmiley, 5 months ago
  • hey nico!!

    @beckett2.064, 7 months ago
    • Hey beckett! Great to see you here!

      @NicoKnowsTech, 7 months ago
  • Will downgrading to the first bios version on my msi mag b450 tomahawk and upgrading to the most recent bios fix this issue if you might have a uefi bios

    @levelone8038, 6 months ago
    • I have had success with that method. Give it a shot then scan with ESET. If it comes back clean then you did it.

      @NicoKnowsTech, 6 months ago
    • msi private keys were stolen so a custom image for the spi flash can be made and signed with this key. it is logical that one of the first things to alter is the flashing utility itself. the attacker will add an anchor like code snippet at the end of the flash update or deactivate the flashing functionality but showing the user a progress bar faking the update. that sounds a bit crazy but considering the creation of a uefi malware sample is not something a script kiddie will do in less time. to alter the flashing utility is the first logical step from an attacker's perspective if he wants to keep persistence because he knows that msi will revoke its keys. furthermore the attackers will stealth their activities on infected but fake flashed bioses to keep their access to the network. therefore i would not use anything of the old hardware.

      @Yadlina, 12 days ago
  • Moonwalk malware is also a BIOS virus, it just has a different name because it's in Croatian

    @JustinBeard-fz2xb, 1 month ago
  • great video

    @aleshperfiliv7979, 7 months ago
    • Thanks!

      @NicoKnowsTech, 7 months ago
  • So, how long has this vulnerability existed?

    @BuPhoonBaba, 1 month ago
  • jungle

    @kennyheisen539, 7 months ago
  • How well do eset stop firmware infections??

    @RachelBahtYisrael, 5 months ago
    • Better than anyone else currently. Firstly, ESET's engine is actually looking for them. Secondly, ESET is the cyber security firm that is actively hunting for these types of threats so we can detect them. Kaspersky finds one every now and then, but not quite like ESET at the moment.

      @NicoKnowsTech, 5 months ago
  • I think my gaming computer was affected by this, will a BIOS flash fix this?

    @brantbolton1284, 6 months ago
    • Worth a shot, but first confirm you have an infection. Check with ESET

      @NicoKnowsTech, 6 months ago
  • Do open source viewers allow uefi infections on a p.c.?

    @RachelBahtYisrael, 5 months ago
    • It's possible.

      @NicoKnowsTech, 5 months ago
  • ohhhh

    @julyaaron3671, 7 months ago
  • Motherboard manufacturers could have saved the world a lot of pain by having a little dip-switch or jumper that can make the BIOS read-only, or read-write [so that you can update the BIOS with a genuine flash file]. Too basic and practical for the "geniuses" in IT, I guess. And sure, I get it, software switches can enable a lot of cool stuff, like "wake on LAN", "netboot" and so on. But no code ever written, be it malware or otherwise, can overcome a physical barrier.

    @roberthunter6927, 4 months ago
    • I couldn't have said it any better than you did

      @NicoKnowsTech, 4 months ago
  • Pretty sure I got malware on my router, phone, and laptop via UEFI bs

    @GhostDog626, 1 month ago
  • So basically don't use a laptop or a pc

    @haroldsmith768, 7 months ago
  • ❤❤❤

    @Nancy-fq9ph, 6 months ago
  • When you have a rootkit and live targeted and it's so bad, you can't even comment here without it being removed... Luckily my email came through Nico (another account on my cellphone now), taking a PC fight battle off today... Gert

    @dreamgertgoogledntcareitshaxed, 6 months ago
    • Your comments got auto filtered for having links. ;)

      @NicoKnowsTech, 6 months ago
    • I see, good that not everything is bad... Thx for letting me know. PS tip for other warriors using ESET: check your rules regularly and disable filter, it hides manually or other generated exceptions, mostly system drivers and so on... After turning off interactive mode and going to automatic, rules got injected there... If your malware hides in system, it looks legit... 50 rules allowing remote interaction got inserted, detected it soon enough... You can protect by adding a password to ESET, bit downside is having to give it in in every interactive global allow rule (pretty hard when your PW needs to be +15 characters to be secure enough)... Total madness: clicking on a VirusTotal connect Google account link and a script ran, auto deleting my Google account LOL. I saw it, recovered it and then checked my rules and found out this is far Grol over 😂

      @dreamgertgoogledntcareitshaxed, 6 months ago
    • From* my keyboard is acting up, on a compromised device..

      @dreamgertgoogledntcareitshaxed, 6 months ago
    • @NicoKnowsTech hi nico, still being haunted. I created a temp shared google drive to try and document some files, can i share you a link? Would love to contact some on 'prem' assistance, you have any ideas? You think local ESET support would want to hear my story out? My identity card was next target... Gert

      @dreamgertgoogledntcareitshaxed, 5 months ago
  • I desperately need help

    @jasonlamey4695, 6 months ago
    • uh...

      @NicoKnowsTech, 6 months ago
  • Where's part 1?

    @pyresflood, 1 month ago
    • Right here: kzhead.info/sun/ptGniaWxbmNjZ3k/bejne.html

      @NicoKnowsTech, 1 month ago
  • I made uefi ransomware for educational purposes only. It's scary easy.

    @xylentantivirus, 1 month ago
  • Hi Nico and community friends, I posted a link on my account for those who want to see a funny (let us call it that) vid how many system apps a 'legit' phone needs 😂

    @dreamgertgoogledntcareitshaxed, 5 months ago
  • Eset is based in Slovakia. Ironically, the word "Eset" means "Isis", which among other things is the name of a terrorist organization.

    @destitute8493, 5 months ago
    • The name... Not the acronym. en.wikipedia.org/wiki/Isis

      @NicoKnowsTech, 5 months ago
    • They are multi-national by the way. I deal exclusively with ESET USA and Latin America as I run a US-based channel and live in Latin America.

      @NicoKnowsTech, 5 months ago
    • ... And ESET formed in 1992. The terrorist organization formed in April 2014. If anything, they copied other people.

      @NicoKnowsTech, 5 months ago