The Elpaco ransomware, a Mimic variant, uses the Everything DLL for file discovery and provides attackers with tools to customize the malware’s actions, execute system instructions, and disable security measures. The ransomware looks for specific files, encrypts user information, requests ransoms, and evades detection through obfuscated code. It can also erase files post-encryption to avoid detection, and it is primarily aimed at the US, Russia, the Netherlands, Germany, and France.
Found in the wild: The world’s first unkillable UEFI bootkit for Linux
Security firm ESET has found the first known example of a Linux UEFI bootkit, a type of malware that infects the Unified Extensible Firmware Interface.