Malware Mayhem: Cybercriminals Hijack Avast Driver to Wreak Havoc!

Cybersecurity researchers have discovered a new Bring Your Own Vulnerable Driver (BYOVD) attack that uses a legitimate Avast driver to disarm security protections. This sneaky malware terminates 142 processes, including security software, by exploiting the driver’s kernel-level access. It’s like hiring a bodyguard who secretly moonlights as a ninja for the other team.

Hot Take:

Who knew that the infamous “bring your own” trend would extend to the world of cybersecurity villains? Forget about bringing your own beer to a party; these cybercriminals are bringing their own vulnerable drivers to crash the security bash!

Key Points:

  • New malicious campaign uses BYOVD to disable security measures.
  • Malware drops a legitimate Avast Anti-Rootkit driver and manipulates it.
  • Malware gains kernel-level access, terminating 142 processes, including security software.
  • Exact initial access vector remains unclear, as does the scope of the attack.
  • BYOVD attacks have become a common method for deploying ransomware.
