Targeting of transportation companies via UEFI firmware implant
Date of report
  • January 2022
The Winnti group is suspected of deploying an advanced Unified Extensible Firmware Interface (UEFI) implant, dubbed Moonbounce, to the systems of a transportation company. Moonbounce is highly targeted and was likely created to access the networks of a small number of institutions and companies. 
Suspected victims
  • A transportation company, as well as other targets
Suspected state sponsor
  • China
Type of incident
  • Espionage
Target category
  • Private sector
Victim government reaction
  • Unknown