Sun. Feb 23rd, 2020

TerabitWeb Blog

Fascinating Technology and Security Information

Living off another land: Ransomware borrows vulnerable driver to remove security software

1 min read

Original Post from Sophos Labs Uncut
Author: Andrew Brandt

Sophos has been investigating two different ransomware attacks where the adversaries deployed a legitimate, digitally signed hardware driver in order to delete security products from the targeted computers just prior to performing the destructive file encryption portion of the attack. The signed driver, part of a now-deprecated software package published by Taiwan-based motherboard manufacturer Gigabyte, […]


Go to Source
Author: Andrew Brandt

Copyright © All rights reserved. | Newsphere by AF themes.