![](https://webcf.waybackmachine.org/web/20220124200303im_/https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2022/01/19145346/abstract_moonbounce-800x450.jpg)
MoonBounce: the dark side of UEFI firmware
At the end of 2021, we inspected UEFI firmware that was tampered with to embed a malicious code we dub MoonBounce. In this report we describe how the MoonBounce implant works and how it is connected to APT41.