Security Center Security News v
Ransomware Exploits GIGABYTE Driver to Kill AV Processes

Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Share Post: Reddit Facebook
Ransomware Exploits GIGABYTE Driver to Kill AV Processes
Mohammad.Poorya Offline
Racing is my passion and makes me happy.
*****
Valued Member
Posts: 3,710
Threads: 868
Thanks Received: 8,690 in 3,408 posts
Thanks Given: 8,292
Joined: Jul 2018
Reputation: 361
ReporterGold MemberThe CrownMember Of The MonthThe Century
#1
Exclamation  02-07-2020 , 05:42 AM
Quote:The attackers behind the RobbinHood Ransomware are exploiting a vulnerable GIGABYTE driver to install a malicious and unsigned driver into Windows that is used to terminate antivirus and security software.

When performing a network-wide compromise, ransomware attackers need to push out a ransomware executable as quickly as possible and to as many systems as they can to avoid being detected.

One protection that can get in their way of a successful attack, though, is antivirus software running on a workstation that removes the ransomware executable before it can be executed.

Ransomware Exploits GIGABYTE Driver to Kill AV Processes
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  Ransomware gangs abuse Process Explorer driver to kill security software mrtrout 0 445 04-20-2023 , 07:56 PM
Last Post: mrtrout
  Active Exploits Hit WordPress Sites Vulnerable to Thrive Themes Flaws Bjyda 0 890 03-28-2021 , 12:06 PM
Last Post: Bjyda
  Ransomware now attacks Microsoft Exchange servers with ProxyLogon exploits tarekma7 0 1,055 03-12-2021 , 04:13 PM
Last Post: tarekma7
  Malware Exploits Security Teams' Greatest Weakness: Poor Relationships With Employees Bjyda 0 826 02-16-2021 , 09:15 PM
Last Post: Bjyda
  Hacker posts exploits for over 49,000 vulnerable Fortinet VPNs mrtrout 0 956 11-23-2020 , 12:48 AM
Last Post: mrtrout

Forum Jump:


Users browsing this thread: 1 Guest(s)