Kasseika Ransomware Employs BYOVD Tactic to Impair Defenses

Threat Level – Red | Vulnerability Report
Download PDF

The ransomware operation ‘Kasseika’ has recently been identified using the Bring Your Own Vulnerable Driver (BYOVD) tactic. This involves exploiting vulnerabilities in a loaded driver to disable antivirus software before initiating the file encryption process. Through this strategy, the malware gains privileges to terminate 991 processes, including those related to antivirus products, security tools, analysis tools, and system utilities.

Threat Level – Red | Attack Report

What’s new on HivePro

Get through updates and upcoming events, and more directly in your inbox