Microsoft approved hardware drivers used in ransomware attacks

Scientists from Sophos (opens in a new tab) discovered that vulnerabilities in Microsoft-approved hardware drivers were exploited in ransomware attacks by a group called Cuba.

A pair of files were found on the compromised machines that, according to Sophos, “cooperate to terminate processes or services used by various vendors of endpoint security products.”

Leave a Reply

Your email address will not be published. Required fields are marked *