All articles tagged with #hybridpetya
HybridPetya is a proof-of-concept ransomware-bootkit that exploits a patched UEFI Secure Boot vulnerability to hijack Windows systems before OS load, highlighting that Secure Boot bypasses are real and evolving, though it has not been seen in the wild yet.
HybridPetya is a new ransomware that can bypass UEFI Secure Boot by exploiting CVE-2024-7344, allowing it to install malicious bootkits on EFI System Partitions. It combines features from Petya and NotPetya, encrypts data, and demands Bitcoin ransom, though it has not yet been observed in the wild. Microsoft has patched the vulnerability, and users are advised to keep systems updated and maintain offline backups.
Cybersecurity researchers have discovered HybridPetya, a new ransomware that can bypass UEFI Secure Boot using the patched CVE-2024-7344 vulnerability, by installing malicious EFI applications and encrypting the Master File Table, with capabilities for encryption, ransom demands, and potential decryption, although it has not been observed in active use.
ESET Research discovered HybridPetya, a Petya/NotPetya copycat with advanced capabilities including UEFI Secure Boot bypass via CVE‑2024‑7344, and the ability to compromise modern UEFI systems by installing malicious EFI applications, although it is not actively spreading in the wild yet.