Attention: You are using an outdated browser, device or you do not have the latest version of JavaScript downloaded and so this website may not work as expected. Please download the latest software or switch device to avoid further issues.

News > Attacks & Threats > 'GodDamn' Ransomware Uses BYOVD to Smite US Companies

'GodDamn' Ransomware Uses BYOVD to Smite US Companies

Microsoft signed a malicious kernel driver, and now it's being used to kill security software in ransomware attacks.

A newly rebranded ransomware outfit is sneaking malware into American organizations using a malicious yet Microsoft-approved driver.

Researchers at Symantec recently observed a cyberattack from a group known as "Hyadina." Hyadina is a 4-year-old ransomware-as-a-service (RaaS) operation with a new locker, "GodDamn," an iteration on its previous lockers, "Beast" and "Monster." It typically attacks American organizations, and it also has a distinct distaste for former Soviet countries. Its targets have spanned sectors that include healthcare, manufacturing, education, and wherever else it finds opportunity. More here

Similar Stories

Two new models from Chinese firms compete with top US mainstream and frontier models. Should cyber-defenders be worried? More...

An "agentic threat actor" successfully exploited a Langflow flaw to steal data from a production database server and enc… More...

Does life feel Orwellian sometimes? One researcher has a solution for you: graphic tees that confuse the neural networks… More...

Threat actors can easily steal one-time passwords sent by text when they conduct a SIM swap attack. This can lead to acc… More...

A leaked GitHub token underscores what most organizations get wrong: Treating secrets management as a tooling problem ra… More...

Have your say

 

News Categories

Microsoft signed a malicious kernel driver, and now it's being used to kill security software in ransomware attacks. More...

Two new models from Chinese firms compete with top US mainstream and frontier models. Should cyber-defenders be worried? More...

An "agentic threat actor" successfully exploited a Langflow flaw to steal data from a production database server and enc… More...

Does life feel Orwellian sometimes? One researcher has a solution for you: graphic tees that confuse the neural networks… More...

Threat actors can easily steal one-time passwords sent by text when they conduct a SIM swap attack. This can lead to acc… More...

image

Contact Us

Security Interest Group Switzerland
c/o Bridge Head AG
Sulzbergstrasse 34
5430 Wettingen
Switzerland

Follow Us

This website is powered by
ToucanTech