MhyProt2 Ransomware attack

suditu

Hi,

I'm writing in order to allow the community and Bitdefender specialists to look at the new attack vector.

I added a github link [removed by admin in accordance with the forum policy]

Basically a signed legitimate driver is used to kill system processes,etc.

Find more posts tagged with

Comments

Gjoksi

Hello.

You can help the malware researchers at Bitdefender Labs by reporting the file(s) as false negative here:

https://www.bitdefender.com/consumer/support/answer/29358/

and

by contacting Bitdefender Consumer Support here:

https://www.bitdefender.com/consumer/support/help/

Also, you could add the GitHub link in your e-mail(s).

Regards.

Alexandru_BD

Hello @suditu,

Thank you for bringing this to our attention. This looks like a task for the malware researchers.

While your findings are highly appreciated, kindly be advised that posting malware samples and /or URLs is not allowed in the community. Please do not post direct links to any executable files, malicious/suspicious software or websites in threads, comments or private messages, even if you think the software or site is clean and incorrectly detected by Bitdefender.

Should you wish to report a false positive / false negative detection, head to this link and submit your findings using the dedicated form.

Once again, thank you very much for your contribution and understanding.

Regards