The Hacker News

Medusa Ransomware Uses Malicious Driver to Disable Anti-Malware with Stolen Certificates

The threat actors behind the Medusa ransomware-as-a-service (RaaS) operation have been observed using a malicious driver dubbed ABYSSWORKER as part of a bring your own vulnerable driver (BYOVD) attack designed to disable anti-malware tools. Elastic Security Labs said it observed a Medusa ransomware attack that delivered the encryptor by means of a loader packed using a packer-as-a-service (PaaS

Mar 21, 2025 - 14:29
 0
Medusa Ransomware Uses Malicious Driver to Disable Anti-Malware with Stolen Certificates
The threat actors behind the Medusa ransomware-as-a-service (RaaS) operation have been observed using a malicious driver dubbed ABYSSWORKER as part of a bring your own vulnerable driver (BYOVD) attack designed to disable anti-malware tools. Elastic Security Labs said it observed a Medusa ransomware attack that delivered the encryptor by means of a loader packed using a packer-as-a-service (PaaS
Read More

Tags:

Previous Article

Samsung says an OLED-beating new screen tech could come sooner than we thought –...

Next Article

Updates From Alien: Earth, and More

Related Posts

Chinese APT Lotus Panda Targets Governments With New Sagerunex Backdoor Variants

Chinese APT Lotus Panda Targets Governments With New Sa...

Mar 5, 2025  0

Debunking the AI Hype: Inside Real Hacker Tactics

Debunking the AI Hype: Inside Real Hacker Tactics

Feb 18, 2025  0

OpenAI Bans Accounts Misusing ChatGPT for Surveillance and Influence Campaigns

OpenAI Bans Accounts Misusing ChatGPT for Surveillance ...

Feb 22, 2025  0