Threat Group Cards: A Threat Actor Encyclopedia
Archived: 2026-04-05 14:49:12 UTC
Home > List all groups > List all tools > List all groups using tool Computrace
 Tool: Computrace
Names
Computrace
LoJack
Category Malware
Type Rootkit
Description
(Malwarebytes) Security researchers have detected the first known instance of a UEFI
bootkit being used in targeted campaigns against government entities across Central and
Eastern Europe. The attack focuses on UFEI-enabled computers and relies on a
persistence mechanism that has been stolen from a legitimate, but often questioned,
software called Computrace that comes by default on many computer systems.
This Computrace agent from Absolute Software is a service designed to recover lost or
stolen computers, the underlying technology of which is based on the LoJack Stolen
Vehicle Recovery System. In 2005, Absolute Software licensed the LoJack name and
subsequent tracking technology to aid in recovery efforts of stolen computers. After
negotiations with manufacturers, the Computrace agent from Absolute Software—or
LoJack for computers—now comes pre-loaded on a large number of machines.
Information
Malpedia AlienVault OTX Last change to this tool card: 13 May 2020
Download this tool card in JSON format
https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=0ed6c93b-24a1-477f-b921-a3741bc0eba9
Page 1 of 2

All groups using tool Computrace
Changed Name Country Observed
APT groups
  Sofacy, APT 28, Fancy Bear, Sednit 2004-Apr 2025
1 group listed (1 APT, 0 other, 0 unknown)
Source: https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=0ed6c93b-24a1-477f-b921-a3741bc0eba9
https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=0ed6c93b-24a1-477f-b921-a3741bc0eba9
Page 2 of 2