Medusa Ransomware Uses Malicious Driver to Disable Anti-Malware with Stolen Certificates

Updated on March 21, 2025

The threat actors behind the Medusa ransomware-as-a-service (RaaS) operation have been observed using a malicious driver dubbed ABYSSWORKER as part of a bring your own vulnerable driver (BYOVD) attack designed to disable anti-malware tools.
Elastic Security Labs said it observed a Medusa ransomware attack that delivered the encryptor by means of a loader packed using a packer-as-a-service (PaaS…

Read the rest of the story at Read More

Source: The Hacker News

January 16, 2024 Uncategorized

Remcos RAT Spreading Through Adult Games...

March 21, 2025 Uncategorized

Ongoing Cyber Attacks Exploit Critical V...

September 20, 2024 Uncategorized

Medusa Ransomware Uses Malicious Driver to Disable Anti-Malware with Stolen Certificates

Related posts

Remcos RAT Spreading Through Adult Games...

Ongoing Cyber Attacks Exploit Critical V...

Europol Shuts Down Major Phishing Scheme...

Leave a Comment Cancel reply

Recent News

Wormable AirPlay Flaws Enable Zero-Click RCE on Apple Devices via Public Wi-Fi

Commvault CVE-2025-34028 Added to CISA KEV After Active Exploitation Confirmed

⚡ Weekly Recap: Nation-State Hacks, Spyware Alerts, Deepfake Malware, Supply Chain Backdoors

Perfection is a Myth. Leverage Isn’t: How Small Teams Can Secure Their Google Workspace

Golden Chickens Deploy TerraStealerV2 to Steal Browser Credentials and Crypto Wallet Data

Malicious Go Modules Deliver Disk-Wiping Linux Malware in Advanced Supply Chain Attack

Iranian Hackers Maintain 2-Year Access to Middle East CNI via VPN Flaws and Malware

U.S. Charges Yemeni Hacker Behind Black Kingdom Ransomware Targeting 1,500 Systems

TikTok Slammed With €530 Million GDPR Fine for Sending E.U. Data to China

How to Automate CVE and Vulnerability Advisory Response with Tines