Malware
CosmicStrand
First seen: 2016-01 • Status: active
Currently Active Threat
CosmicStrand is a stealthy virus that hides in your motherboard firmware. It has been secretly infecting computers for years without being detected.
Overview
CosmicStrand is a UEFI firmware rootkit discovered by Kaspersky. It targets ASUS and Gigabyte motherboards and has been active since at least 2016.
How It Spreads
- • Unknown initial vector
- • Possibly supply chain
What It Does
- • UEFI-level persistence
- • Deploys kernel-level malware
- • Survives OS reinstalls
Is your business exposed?
Target Platforms
Windows
Detection Tips
- • Firmware integrity checks
- • UEFI scanning
MITRE ATT&CK Techniques
T1542, T1014
If You're Infected
- 1.
Flash clean UEFI firmware
- 2.
Consider hardware replacement
Related Malware
Is your business exposed?
Check if your company data is circulating on the dark web
Free scan • No credit card required