MhyProt2 Ransomware attack

suditu ✭✭
edited August 2022 in General Topics


I'm writing in order to allow the community and Bitdefender specialists to look at the new attack vector.

I added a github link [removed by admin in accordance with the forum policy]

Basically a signed legitimate driver is used to kill system processes,etc.


  • Gjoksi
    Gjoksi DEFENDER OF THE YEAR 2022 ✭✭✭✭✭


    You can help the malware researchers at Bitdefender Labs by reporting the file(s) as false negative here:


    by contacting Bitdefender Consumer Support here:

    Also, you could add the GitHub link in your e-mail(s).


  • Hello @suditu,

    Thank you for bringing this to our attention. This looks like a task for the malware researchers.

    While your findings are highly appreciated, kindly be advised that posting malware samples and /or URLs is not allowed in the community. Please do not post direct links to any executable files, malicious/suspicious software or websites in threads, comments or private messages, even if you think the software or site is clean and incorrectly detected by Bitdefender.

    Should you wish to report a false positive / false negative detection, head to this link and submit your findings using the dedicated form.

    Once again, thank you very much for your contribution and understanding.