
Malware isn’t going anywhere. Today’s news cycles, especially during the COVID-19 pandemic, seem to be full of cyber incidents. One such malware, MosaicRegressor, the second-ever Windows Unified Extensible Firmware Interface (UEFI) rootkit, which can persist in the motherboard flash memory located in the BIOS region of the PC, was found recently.
One other known instance of a UEFI bootkit, named LoJax, which took the form of patched UEFI modules, was discovered by ESET in 2018. The malicious MosaicRegressor UEFI firmware images have been modified by the injection of multiple modules that permit the deployment of malware on target devices.
MosaicRegressor, specifically, features multiple downloaders with numerous intermediary loaders for extensive payloads that can have wide-ranging implications for victim devices. Aimed at espionage and data gathering, MosaicRegressor has been found targeting diplomatic institutions and NGOs in Asia, Europe, and Africa.
This advisory by SISA covers an in-depth preview of the MosaicRegressor malware and its nature, the scope of the problem and its possible implications, and recommendations on ways to respond to it. The next steps elaborated in this advisory also include determining how to guard against the MosaicRegressor malware within the context of a comprehensive cybersecurity program.
This technical advisory was proposed and researched by Ananya, Security Analyst at SISA’s Synergistic-SOC.
SISA is a Leader in Cybersecurity Solutions for the Digital Payment Industry. As a Global Payment Forensic Investigator of the PCI Security Standards Council, we leverage forensics insights into preventive, detective, and corrective security solutions, protecting 1,000+ organizations across 40+ countries from evolving cyberthreats.
Our suite of solutions, from AI-driven compliance, advanced security testing, and agentic detection/response to learner-focused training, has been honored with prestigious awards, including from Financial Express, DSCI-NASSCOM and The Economic Times.
With a commitment to innovation and pioneering advancements in Quantum Security, Hardware Security, and Cybersecurity for AI, SISA is shaping the future of cybersecurity through cutting-edge forensics research.