HybridPetya Ransomware Bypasses UEFI Secure Boot
Summary
A new variant of the Petya/NotPetya ransomware, dubbed HybridPetya, has been discovered. This malware can bypass UEFI Secure Boot, allowing it to install a malicious application and evade detection by antivirus software. HybridPetya samples were uploaded to Google's VirusTotal platform in February 2025, but no telemetry suggests it has been deployed in the wild. HybridPetya's ability to compromise UEFI Secure Boot makes it a significant threat, as it can survive operating system reinstalls and deploy kernel-mode payloads. This development highlights the evolving tactics of ransomware operators, who are increasingly targeting firmware-level vulnerabilities to maintain persistence and evade detection.
Timeline
- 15.09.2025 14:22 (1 article)
HybridPetya Ransomware Samples Uploaded to VirusTotal
HybridPetya, a new variant of the Petya/NotPetya ransomware, was discovered with the ability to bypass UEFI Secure Boot. Samples of the malware were uploaded to Google's VirusTotal platform in February 2025. This variant can install a malicious application and evade detection by antivirus software, making it a significant threat. No telemetry suggests that HybridPetya has been deployed in the wild, but its capabilities highlight the evolving tactics of ransomware operators targeting firmware-level vulnerabilities.
Sources:
- ⚡ Weekly Recap: Bootkit Malware, AI-Powered Attacks, Supply Chain Breaches, Zero-Days & More (thehackernews.com, 15.09.2025 14:22)
Information Snippets
- HybridPetya is a new variant of the Petya/NotPetya ransomware.
  First reported: 15.09.2025 14:22 (1 source, 1 article)
  Source: ⚡ Weekly Recap: Bootkit Malware, AI-Powered Attacks, Supply Chain Breaches, Zero-Days & More (thehackernews.com, 15.09.2025 14:22)
- HybridPetya can bypass UEFI Secure Boot, allowing it to install a malicious application.
  First reported: 15.09.2025 14:22 (1 source, 1 article)
  Source: ⚡ Weekly Recap: Bootkit Malware, AI-Powered Attacks, Supply Chain Breaches, Zero-Days & More (thehackernews.com, 15.09.2025 14:22)
- The malware can evade detection by antivirus software and survive operating system reinstalls.
  First reported: 15.09.2025 14:22 (1 source, 1 article)
  Source: ⚡ Weekly Recap: Bootkit Malware, AI-Powered Attacks, Supply Chain Breaches, Zero-Days & More (thehackernews.com, 15.09.2025 14:22)
- HybridPetya samples were uploaded to Google's VirusTotal platform in February 2025.
  First reported: 15.09.2025 14:22 (1 source, 1 article)
  Source: ⚡ Weekly Recap: Bootkit Malware, AI-Powered Attacks, Supply Chain Breaches, Zero-Days & More (thehackernews.com, 15.09.2025 14:22)
- No telemetry suggests HybridPetya has been deployed in the wild.
  First reported: 15.09.2025 14:22 (1 source, 1 article)
  Source: ⚡ Weekly Recap: Bootkit Malware, AI-Powered Attacks, Supply Chain Breaches, Zero-Days & More (thehackernews.com, 15.09.2025 14:22)
- HybridPetya's ability to compromise UEFI Secure Boot makes it a significant threat.
  First reported: 15.09.2025 14:22 (1 source, 1 article)
  Source: ⚡ Weekly Recap: Bootkit Malware, AI-Powered Attacks, Supply Chain Breaches, Zero-Days & More (thehackernews.com, 15.09.2025 14:22)