MhyProt2 Ransomware attack

suditu

Hi,

I'm writing in order to allow the community and Bitdefender specialists to look at the new attack vector.

I added a github link [removed by admin in accordance with the forum policy]

Basically a signed legitimate driver is used to kill system processes,etc.

Gjoksi

Hello.

You can help the malware researchers at Bitdefender Labs by reporting the file(s) as false negative here:

https://www.bitdefender.com/consumer/support/answer/29358/

and

by contacting Bitdefender Consumer Support here:

https://www.bitdefender.com/consumer/support/help/

Also, you could add the GitHub link in your e-mail(s).

Regards.

Alexandru_BD

Hello @suditu,

Thank you for bringing this to our attention. This looks like a task for the malware researchers.

While your findings are highly appreciated, kindly be advised that posting malware samples and /or URLs is not allowed in the community. Please do not post direct links to any executable files, malicious/suspicious software or websites in threads, comments or private messages, even if you think the software or site is clean and incorrectly detected by Bitdefender.

Should you wish to report a false positive / false negative detection, head to this link and submit your findings using the dedicated form.

Once again, thank you very much for your contribution and understanding.

Regards