Commercially developed FinFisher malware now can infect Windows devices using a UEFI bootkit that it injects in the Windows Boot Manager.
FinFisher (also known as FinSpy and Wingbird) is a surveillance solution developed by Gamma Group that also comes with malware-like capabilities often found in spyware strains.
Its developer says it’s sold exclusively to government agencies and law enforcement worldwide, but cybersecurity firms have also detected it while being delivered via spearphishing campaigns and the infrastructure of Internet Service Providers (ISPs).