MhyProt2 Ransomware attack

suditu
suditu ✭✭
edited August 2022 in General Topics

Hi,

I'm writing in order to allow the community and Bitdefender specialists to look at the new attack vector.

I added a github link [removed by admin in accordance with the forum policy]

Basically a signed legitimate driver is used to kill system processes,etc.

Comments

  • Gjoksi
    Gjoksi DEFENDER OF THE YEAR 2022 / DEFENDER OF THE MONTH ✭✭✭✭✭

    Hello.

    You can help the malware researchers at Bitdefender Labs by reporting the file(s) as false negative here:

    https://www.bitdefender.com/consumer/support/answer/29358/

    and

    by contacting Bitdefender Consumer Support here:

    https://www.bitdefender.com/consumer/support/help/

    Also, you could add the GitHub link in your e-mail(s).

    Regards.

  • Hello @suditu,

    Thank you for bringing this to our attention. This looks like a task for the malware researchers.

    While your findings are highly appreciated, kindly be advised that posting malware samples and /or URLs is not allowed in the community. Please do not post direct links to any executable files, malicious/suspicious software or websites in threads, comments or private messages, even if you think the software or site is clean and incorrectly detected by Bitdefender.

    Should you wish to report a false positive / false negative detection, head to this link and submit your findings using the dedicated form.

    Once again, thank you very much for your contribution and understanding.

    Regards

    Premium Security & Bitdefender Endpoint Security Tools user