ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    HP iLO Rootkit

    News
    2
    3
    428
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • NashBrydgesN
      NashBrydges
      last edited by

      https://threats.amnpardaz.com/en/2021/12/28/implant-arm-ilobleed-a/

      In this report, we analyze a rootkit discovered in-the-wild that hides inside the iLO, cannot be removed by firmware upgrades and can be hidden from the sight for a long time. This malware has been used by hackers for some time and we have been monitoring its performance. As far as we know, this is the first report of the discovery of real-world malware in iLO firmware in the world.

      NashBrydgesN 1 Reply Last reply Reply Quote 0
      • NashBrydgesN
        NashBrydges @NashBrydges
        last edited by

        Appears to require admin access in order to install so not sure how prevalent this could actually be.

        1 Reply Last reply Reply Quote 0
        • DashrenderD
          Dashrender
          last edited by

          There have been numerous elevation of privileges flaws.

          I'm more curious if it could through a hypervisor?

          1 Reply Last reply Reply Quote 0
          • 1 / 1
          • First post
            Last post