Hunting for A New Stealthy Universal Rootkit Loader

In one of their recent threat hunting investigations, Trend Micro researchers came across an interesting new threat activity cluster that they initially thought was a false positive detection for a Microsoft-signed file. However, this turned out to be a …

Ransomware Actor Abuses Genshin Impact Anti-Cheat Driver to Kill Antivirus

There have already been reports on code-signed rootkits like Netfilter, FiveSys, and Fire Chili. These rootkits are usually signed with stolen certificates or are falsely validated. However, when a legitimate driver is used as a rootkit, that’s a different story.