Security Articles

Analyzing the first UEFI bootkit for Linux

released on 2024-11-27 @ 03:11:33 PM
ESET researchers have discovered Bootkitty, the first UEFI bootkit designed for Linux systems. This proof-of-concept malware targets specific Ubuntu versions and aims to disable kernel signature verification while preloading unknown ELF binaries. Bootkitty is signed with a self-signed certificate, limiting its effectiveness to systems without UEFI Secure Boot enabled. The bootkit patches GRUB and the Linux kernel to bypass security measures and load potentially malicious modules. Additionally, a related kernel module named BCDropper was identified, which deploys an ELF program responsible for loading another kernel module. This discovery highlights the evolving threat landscape for UEFI-based systems beyond Windows.