Tag: Disarm Security

Kasseika Ransomware Using BYOVD Trick to Disarm Security Pre-Encryption
News

Kasseika Ransomware Using BYOVD Trick to Disarm Security Pre-Encryption

After Akira, AvosLocker, BlackByte, and RobbinHood, the ransomware gang Kasseika is the latest to use the Bring Your Own Vulnerable Driver (BYOVD) exploit to disable security-related processes on compromised Windows systems. The strategy enables "threat actors to terminate antivirus processes and services for the deployment of ransomware," according to a Tuesday research by Trend Micro. Kasseika, which the cybersecurity company first found in mid-December 2023, shares similarities with BlackMatter, which vanished once DarkSide was shut down. Given that BlackMatter's source code was never made public after it was shut down in November 2021, there is reason to believe that the ransomware strain read more Kasseika Ransomware Using BYOVD Trick to Disarm Security Pre-Encryption. Ge...