WINTAPIX Kernel Driver Targeting Middle Eastern Nations

Threat Level – Amber | Vulnerability Report
Download PDF

The WINTAPIX driver, protected by VMProtect, targets Saudi Arabia and other Gulf countries, possibly linked to Iranian threat actors exploiting Exchange servers for malware deployment.

To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn.

What’s new on HivePro

Get through updates and upcoming events, and more directly in your inbox