Bring Your Own Vulnerable Driver Targets AntiVirus Software

A new malware called Bring Your Own Vulnerable Driver is targeting various antivirus software using a vulnerability in legitimate Windows drivers.

Security Alert, Malware Apps, Apps & OS

Fri Oct 7, 2022 - 18:00

Malware Targets AntiVirus Software

Bring Your Own Vulnerable Driver

A new kind of malware called Bring Your Own Vulnerable Driver has been spotted infecting various key computer systems across the world. This virus seems to be targeting the antivirus software installed on the system itself, using old vulnerable drivers that have been infected with malicious code.


This malware was first spotted by researchers from Sophos Cybersecurity, who found that a group of North Korean hackers called the Lazarus Group was using this malware to infect key computer systems in Dell Technologies. Other cybersecurity researchers from ESET also found it being used to hack aerospace experts and political journalists in Europe using fake Amazon job offers.

The virus is spread through fake pdf files, which contain old vulnerable versions of various drivers that are downloaded onto the system. Since the driver isn't malicious per se, it is ignored by the antivirus software, which is then itself attacked by the malicious code within it.

The latest example of such an exploit was used by a ransomware hacking group called BlackByte, which embedded the code within Micro-Star’s MSI AfterBurner software. It is an overclocking utility for GPUs that gives users more control over the hardware. The file was hidden within the RTCore64.sys and RTCore32.sys files of the same and allowed hackers to read and write to arbitrary memory.

This gave them privileged access to code execution, which they then used for data theft and other activities. Through this exploit, BlackByte was able to disable more than 1000 drivers needed for various antivirus software to function properly. The security firms are asking IT admins to blacklist these particular drivers, so they can't be used for illegal purposes. They are also suggesting that enterprise users thoroughly check all drivers before they are installed on any system to prevent such vulnerabilities in the future.


Related Articles

Nothing x Swedish House Mafia Collab Unveiled

Swedish House Mafia, giants of electronic music who have been nominated for a GRAMMY Award, are releasing tracks from their upcoming album for the masses. Swedish House Mafia fans will have the chance to combine the sounds of their favorite band into their custom smartphone ringt...

Read More about Nothing x Swedish House Mafia Collab Unveiled

Apple iOS Updates Announced

More than two weeks after the company unveiled iOS 17 at WWDC, Apple has recently published iOS 16.5.1. Your iPhone will receive a few bug fixes and security patches thanks to the most recent iOS update for problems that may have been extensively exploited. Let us have a look....

Read More about Apple iOS Updates Announced

WhatsApp Screen Sharing On Video Calls Feature Introduced

WhatsApp, which is owned by Meta, announced today that it was introducing a screen-sharing function for video calls. The function is currently accessible to a small number of beta testers, and it will be made available to more users in the upcoming weeks. The instant messaging pr...

Read More about WhatsApp Screen Sharing On Video Calls Feature Introduced

Apple watchOS 10 Launched

At WWDC 2023, Apple recently revealed watchOS 10, an exciting update for those who use the Apple Watch. The goal of watchOS 10 is to improve user experience and encourage greater mental and physical well-being. It is brimming with new features and increased functionality. The upd...

Read More about Apple watchOS 10 Launched

Apple macOS Sonoma Launched

The most recent Mac operating system, macOS 14 Sonoma, was unveiled by Apple during WWDC 2023 together with the much-awaited Apple Vision Pro, MacBook Air, Mac Pro, iOS 17, and watchOS 10. A variety of new features included in this version of macOS are targeted at boosting creati...

Read More about Apple macOS Sonoma Launched

Apple M2 Ultra Chip Unveiled

Apple unveiled the M2 Ultra, the newest SoC in the M2 series, at its eagerly awaited WWDC 2023 event. This cutting-edge chipset features the ground-breaking Apple UltraFusion technology and is produced utilising a second-generation 5-nanometer process. The M2 Ultra achieves an as...

Read More about Apple M2 Ultra Chip Unveiled

Apple New iOS 17 Launched

The first day of the WWDC began on Monday late in the evening, and as expected, the iPhone manufacturer, Apple has made a number of exciting announcements. The release of iOS 17 is one of the most eagerly awaited hardware and software debuts. Apple is introducing features like Li...

Read More about Apple New iOS 17 Launched

Microsoft Teams New Updates Released

One of the most widely used online communication and collaboration applications, particularly in office settings, is Microsoft Teams. Microsoft releases a monthly rundown of all the features it introduced to its programme, much like Excel, and updates it frequently with new featu...

Read More about Microsoft Teams New Updates Released

Apple Music Classical Now Available On Android

The Cupertino-based technology behemoth Apple has finally made its new classical music-focused app, Apple Music Classical, accessible on Android. With a design that makes it simple for users to find and enjoy classical music, the app was first introduced for the iOS platform in M...

Read More about Apple Music Classical Now Available On Android

Apple Rolls Out iOS 16.6 Beta Update

Users of the iPhone and iPad can now benefit from a number of additional enhancements thanks to the most recent Apple updates. The tech giant recently released macOS 13.4, iOS 16.5, and iPadOS 16.5—all of which are jam-packed with intriguing new features. Notably, all three upg...

Read More about Apple Rolls Out iOS 16.6 Beta Update

Leave a Comment

By clicking the submit button below, I hereby agree to and accept the following Terms and Conditions