The source code for the BlackLotus UEFI bootkit has been shared publicly on GitHub, albeit with several modifications compared to the original malware.
Designed specifically for Windows, the bootkit emerged on hacker forums in October last year, being advertised with APT-level capabilities such as secure boot and user access control (UAC) bypass and the ability to disable security applications and defense mechanisms on victim systems.
