Bring Your Own Driver

Ransomware gangs exploit Paragon Partition Manager bug in BYOVD attacks

Microsoft had discovered five Paragon Partition Manager BioNTdrv.sys driver flaws, with one used by ransomware gangs in zero-day attacks to gain SYSTEM privileges in Windows. The vulnerable drivers were exploited in ‘Bring Your Own Vulnerable Driver’ (BYOVD) attacks where threat actors drop the kernel driver on a targeted system to elevate privileges. “An attacker with local access to a […]

4 mins read

New SteelFox malware hijacks Windows PCs using vulnerable driver

November 6, 2024November 6, 2024 geekfeed0Tagged Bring Your Own Driver, BYOVD, Information Stealer, Information-stealing malware, malware, SteelFox, vulnerability, windows

A new malicious package called ‘SteelFox’ mines for cryptocurrency and steals credit card data by using the “bring your own vulnerable driver” technique to get SYSTEM privileges on Windows machines. The malware bundle dropper is distributed through forums and torrent trackers as a crack tool that activates legitimate versions of various software like Foxit PDF Editor, JetBrains and […]

3 mins read

Windows driver zero-day exploited by Lazarus hackers to install rootkit

August 20, 2024August 20, 2024 geekfeed0Tagged Bring Your Own Driver, BYOVD, CVE-2024-38193, Lazarus Group, vulnerability, Zero-Day

The notorious North Korean Lazarus hacking group exploited a zero-day flaw in the Windows AFD.sys driver to elevate privileges and install the FUDModule rootkit on targeted systems. Microsoft fixed the flaw, tracked as CVE-2024-38193 during its August 2024 Patch Tuesday, along with seven other zero-day vulnerabilities. CVE-2024-38193 is a Bring Your Own Vulnerable Driver (BYOVD) vulnerability in the Windows Ancillary Function […]

3 mins read