Just about now a friend of mine got compromised, actually she was compromised by
Question
Just now a friend of mine got compromised. Actually, she had been compromised by various adware for a long time, but she installed something (her browser was hijacked to deliver even more malware) and the machine crashed.
I told her to reinstall from the recovery partition since she's not tech-savvy and doesn't know how to do a proper reinstall from a clean Windows ISO.
Now I'm wondering, does common malware also compromise the recovery partition? I know an experienced attacker targeting that particular machine would definitely do this; however, I don't think she's the victim of a targeted attack (she doesn't have anything valuable on her machine or her network), so does the usual crap you can get from shady websites/malvertising also take the hassle to compromise recovery partitions?
Explanation / Answer
Worse! I can't find it but the other day I read about a UEFI hack that installs a rootkit in your UEFI - the bootloader. If that is possible, you can reinstall your system and still get infected.
But this is not common - yet. And I believe these rootkits are not easily made and probably need to be modified for many different systems.