![[correlate]](/data/avatars/m/79/79653.jpg?1556985072){kind=avatar}
Ransomware Exploits GIGABYTE Driver to Kill AV Processes
- Thread starter [correlate]
- Start date
- Jul 22, 2014
- 2,525
- 1
- 23,394
- 3,488
Living off another land: Ransomware borrows vulnerable driver to remove security software
Sophos has been investigating two different ransomware attacks where the adversaries deployed a legitimate, digitally signed hardware driver in order to delete security products from the targeted computers just prior to performing the destructive file encryption portion of the attack. The signed...
Last 3 IOC still have no or low detection on VT.Living off another land: Ransomware borrows vulnerable driver to remove security software
Sophos has been investigating two different ransomware attacks where the adversaries deployed a legitimate, digitally signed hardware driver in order to delete security products from the targeted computers just prior to performing the destructive file encryption portion of the attack. The signed...news.sophos.com
I don't know if you recognized one of the authors.
Mark Loman, one of the Loman brothers who developed HitmanPA and HP.
This malware is also not designed to run with W.XP.
You may also like...
-
Ransomware gangs exploit Paragon Partition Manager bug in BYOVD attacks- Started by Gandalf_The_Grey
- Replies: 0
-
Akira ransomware abuses CPU tuning tool to disable Microsoft Defender- Started by Andy Ful
- Replies: 0
-
Silver Fox Exploits Microsoft-Signed WatchDog Driver to Deploy ValleyRAT Malware- Started by Victor M
- Replies: 8
-
Critical Vulnerability Found in Canon Printer Drivers
- Started by Gandalf_The_Grey
- Replies: 1
-
