More than a decade ago, rootkits were the apex predators of cybercrime. These clandestine computer programs were built to offer attackers an uninterrupted foothold onto victims’ computers and conceal malicious activities from the operating system as well as from antimalware solutions.
For the past few months, Bitdefender researchers have seen a surge in malicious drivers with valid digital signatures issued through the WHQL signing process.
This research focuses on FiveSys – a digitally signed rootkit that made its way through the driver certification process.
An up-to-date and complete list of indicators of compromise is available to Bitdefender Advanced Threat Intelligence users. The currently known indicators of compromise can be found in the whitepaper below.
tags
I am a security researcher at Bitdefender investigating Windows malware, (particularly rootkits), and developing forensics tools.
View all postsI'm a security researcher at Bitdefender with a focus on threats like rootkits and bootkits. I'm also passionate about Automotive Communication Protocols and Real Time Embedded Systems.
View all postsI'm a security researcher at Bitdefender working on cybercrime investigations and developing tools to help with malware and forensics analysis. In my free time, I learn new things and play video games
View all postsJune 08, 2023
May 02, 2023
January 11, 2023
January 05, 2023