SYMBOLCOMMON_NAMEaka. SYNONYMS
win.netfilter (Back to overview)

NetfilterRootkit

There is no description at this point.

References
2022-05-01BushidoTokenBushidoToken
@online{bushidotoken:20220501:gamer:0acfc22, author = {BushidoToken}, title = {{Gamer Cheater Hacker Spy}}, date = {2022-05-01}, organization = {BushidoToken}, url = {https://blog.bushidotoken.net/2022/05/gamer-cheater-hacker-spy.html}, language = {English}, urldate = {2022-05-03} } Gamer Cheater Hacker Spy
Egregor HelloKitty NetfilterRootkit RagnarLocker Winnti
2021-10-21BitdefenderBitdefender
@techreport{bitdefender:20211021:digitallysigned:248a238, author = {Bitdefender}, title = {{Digitally-Signed Rootkits are Back – A Look at FiveSys and Companions}}, date = {2021-10-21}, institution = {Bitdefender}, url = {https://www.bitdefender.com/files/News/CaseStudies/study/405/Bitdefender-DT-Whitepaper-Fivesys-creat5699-en-EN.pdf}, language = {English}, urldate = {2021-11-03} } Digitally-Signed Rootkits are Back – A Look at FiveSys and Companions
NetfilterRootkit
2021-08-10IntezerGiancarlo Lezama
@online{lezama:20210810:fast:0b4334e, author = {Giancarlo Lezama}, title = {{Fast Insights for a Microsoft-Signed Netfilter Rootkit}}, date = {2021-08-10}, organization = {Intezer}, url = {https://www.intezer.com/blog/malware-analysis/fast-insights-for-a-microsoft-signed-netfilter-rootkit/}, language = {English}, urldate = {2021-08-25} } Fast Insights for a Microsoft-Signed Netfilter Rootkit
NetfilterRootkit
2021-07-29360 Total Securitykate
@online{kate:20210729:netfilter:27b34a6, author = {kate}, title = {{“Netfilter Rootkit II ” Continues to Hold WHQL Signatures}}, date = {2021-07-29}, organization = {360 Total Security}, url = {https://blog.360totalsecurity.com/en/netfilter-rootkit-ii-continues-to-hold-whql-signatures/}, language = {English}, urldate = {2021-08-02} } “Netfilter Rootkit II ” Continues to Hold WHQL Signatures
NetfilterRootkit
2021-06-28Vice MotherboardLorenzo Franceschi-Bicchierai
@online{franceschibicchierai:20210628:hackers:fde0c9d, author = {Lorenzo Franceschi-Bicchierai}, title = {{Hackers Tricked Microsoft Into Certifying Malware That Could Spy on Users}}, date = {2021-06-28}, organization = {Vice Motherboard}, url = {https://www.vice.com/en/article/pkbzxv/hackers-tricked-microsoft-into-certifying-malware-that-could-spy-on-users}, language = {English}, urldate = {2021-07-08} } Hackers Tricked Microsoft Into Certifying Malware That Could Spy on Users
NetfilterRootkit
2021-06-25GdataKarsten Hahn, Takahiro Haruyama, Johann Aydinbas, Florian Roth
@online{hahn:20210625:microsoft:7ba11af, author = {Karsten Hahn and Takahiro Haruyama and Johann Aydinbas and Florian Roth}, title = {{Microsoft signed a malicious Netfilter rootkit}}, date = {2021-06-25}, organization = {Gdata}, url = {https://www.gdatasoftware.com/blog/microsoft-signed-a-malicious-netfilter-rootkit}, language = {English}, urldate = {2021-06-29} } Microsoft signed a malicious Netfilter rootkit
NetfilterRootkit
2021-06-25MicrosoftMSRC Team
@online{team:20210625:investigating:a58f4f9, author = {MSRC Team}, title = {{Investigating and Mitigating Malicious Drivers}}, date = {2021-06-25}, organization = {Microsoft}, url = {https://msrc-blog.microsoft.com/2021/06/25/investigating-and-mitigating-malicious-drivers/}, language = {English}, urldate = {2021-06-29} } Investigating and Mitigating Malicious Drivers
NetfilterRootkit

There is no Yara-Signature yet.