September 17, 2023
How Hackers found a way to hack you that you’d never expect

A security flaw has allowed a ransomware gang to effectively prevent antivirus programs from running properly on a system.

As reported by Bleeping Computer, the BlackByte ransomware group is utilizing a newly discovered method related to the RTCore64.sys driver to circumvent more than 1,000 legitimate drivers.

Security programs that rely on such drivers are therefore unable to detect a breach, with the technique itself being labeled as “Bring Your Own Driver” by researchers.

Once the hackers have turned the drivers off, they can operate under the radar because the endpoint detection and response (EDR) products that depend on those drivers no longer see them. The vulnerable drivers pass inspection because they carry a valid certificate, and they also run with high privileges on the PC itself.

Researchers from cybersecurity company Sophos detail how the MSI graphics driver that is targeted by the ransomware gang offers I/O control codes that can be accessed through user-mode processes. However, this element breaches Microsoft’s security guidelines on kernel memory access.

Due to the exploit, threat actors can freely read, write, or execute code within a system’s kernel memory.

BlackByte is naturally keen to avoid detection so that its hacks are not analyzed by researchers, Sophos stated. The company pointed to the malware looking for any debuggers running on the system and then quitting.

Furthermore, the group’s malware scans the system for any potential hooking DLLs connected to Avast, Sandboxie, Windows DbgHelp Library, and Comodo Internet Security. Should the search find any, the malware disables its own ability to function.

Because of the sophisticated nature of the technique used by the threat actors, Sophos warned that they will continue to exploit legitimate drivers in order to bypass security products. Previously, the “Bring Your Own Driver” method was seen being used by the North Korean hacking group Lazarus, in an attack that involved a Dell hardware driver.

Bleeping Computer highlights how system administrators can protect their PCs by putting the MSI driver (RTCore64.sys) that is being targeted into an active blocklist.
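As an added example (not from the original article, Sophos or Bleeping Computer), the check below flags loads of the blocklisted driver in driver-load logs even when the signature is reported as valid, which is the case the article describes. It assumes Sysmon-style "Driver loaded" (Event ID 6) records exported as `Key: value` text; the sample events, paths and hash placeholders are constructed.

```python
import ntpath

# Assumption: drivers to flag, keyed by lowercase file name.
# The article names only RTCore64.sys.
BLOCKED_DRIVERS = {"rtcore64.sys"}

# Constructed sample records; hashes are placeholders, not real values.
SAMPLE_EVENTS = r"""
UtcTime: 2023-09-17 10:02:11.120
ImageLoaded: C:\Windows\System32\drivers\tcpip.sys
Hashes: SHA256=<constructed-placeholder-1>
Signed: true
SignatureStatus: Valid

UtcTime: 2023-09-17 10:05:42.007
ImageLoaded: C:\Users\Public\rtcore64.SYS
Hashes: SHA256=<constructed-placeholder-2>
Signed: true
SignatureStatus: Valid

UtcTime: 2023-09-17 10:06:03.551
ImageLoaded: C:\Temp\example.sys
Hashes: SHA256=<constructed-placeholder-3>
Signed: false
SignatureStatus: Unavailable
"""

def parse_events(text):
    """Split blank-line separated records into dicts of field -> value."""
    events = []
    for block in text.strip().split("\n\n"):
        fields = {}
        for line in block.splitlines():
            key, sep, value = line.partition(": ")
            if sep:
                fields[key.strip()] = value.strip()
        if "ImageLoaded" in fields:
            events.append(fields)
    return events

def flag_blocked_loads(events, blocked=BLOCKED_DRIVERS):
    """Return blocklisted driver loads; a valid signature does not clear them."""
    hits = []
    for ev in events:
        # ntpath handles Windows paths on any OS; compare case-insensitively.
        if ntpath.basename(ev["ImageLoaded"]).lower() in blocked:
            valid = (ev.get("Signed", "").lower() == "true"
                     and ev.get("SignatureStatus") == "Valid")
            hits.append({"time": ev.get("UtcTime", ""),
                         "path": ev["ImageLoaded"], "signature_valid": valid})
    return hits
```

Matching on file name alone misses a renamed copy, so this kind of log check complements the blocklist the article recommends rather than replacing it.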

BlackByte’s ransomware efforts first came to light in 2021, with the FBI stressing that the hacking group was behind certain cyberattacks on the government.
