The issue of computer security and hacker attacks has become increasingly complex lately, with various vectors of attacks being made against users and companies alike, it is very difficult to predict when and how they will happen.
Recently, Kaspersky Lab has revealed CosmicStrand, a rootkit software that uses a vulnerability in the UEFI (Unified Extensible Firmware Interface) system that allows this malware to be installed directly into the chip on the motherboard.
In a nutshell, this means that even if you perform a full wipe on your computer's storage, this UEFI connection to the newly installed operating system allows hackers to automatically install malware on your computer.
From there, when these computers are connected to an internet network, these installed rootkits can quickly and easily download the malware data from their C&C server machines, install the software and once again use the computer as one of the botnet computers again.
This kind of software used to be quite hard to find, but it has actually been around since 2015-2016, and CosmicStrand in particular was used by Chinese-speaking hackers, and was only discovered recently.
So far, the only solution when malware like this is found is to change your computer's motherboard and use new components, or change to a new computer. We expect that Kaspersky has already started to find a way to eradicate this malware without having to do such a thing.