← All drivers
malicious
Driver

0x3040_blacklotus_beta_driver.sys

BlackLotus UEFI bootkit driver (beta)

From Unknown criminal threat actor
Part of the BlackLotus family
Status
On a known malicious list
Known variants
1 distinct hashes
Public CVEs
1
Field notes

This is a catalog name for an earlier build of the BlackLotus UEFI bootkit kernel driver. See the 0x3440_blacklotus_v2_driver.sysDriver0x3440_blacklotus_v2_driver.sysBlackLotus UEFI bootkit driver (v2)Open plate → entry for the full story.

Not a legitimate vendor driver. Presence indicates a firmware-level compromise. If found, escalate to incident response.

What the record shows

0x3040_blacklotus_beta_driver.sys is listed as malicious on the public LOLDrivers project. One distinct binary hash matching this filename is on record.

Public CVEs
What this means, plainly
Presence is not proof of misuse. This filename matches a public malicious list. Vera notes it as evidence on a record; the meaning still belongs to the people with the context.
Related drivers

Other drivers in the BlackLotus family. See the whole family →

Source

Status data comes from the public LOLDrivers project, a community-curated registry of drivers known to be vulnerable or malicious. The snapshot Vera uses was refreshed July 10, 2026. CVE links go to the NIST National Vulnerability Database.

Cite this entry

Vera Project. “0x3040_blacklotus_beta_driver.sys.” Vera Field Guide (Driver). The Vera Project. https://www.veraproject.xyz/field-guide/drivers/0x3040-blacklotus-beta-driver-sys