
Track cybersecurity events as they unfold. Sourced timelines, daily updates. Fast, privacy‑respecting. No ads, no tracking.

HybridPetya Ransomware Bypasses UEFI Secure Boot

📰 1 unique source, 1 article

Summary


A new variant of the Petya/NotPetya ransomware, dubbed HybridPetya, has been discovered. This malware can bypass UEFI Secure Boot, allowing it to install a malicious application and evade detection by antivirus software. HybridPetya samples were uploaded to Google's VirusTotal platform in February 2025, but no telemetry suggests it has been deployed in the wild. HybridPetya's ability to compromise UEFI Secure Boot makes it a significant threat, as it can survive operating system reinstalls and deploy kernel-mode payloads. This development highlights the evolving tactics of ransomware operators, who are increasingly targeting firmware-level vulnerabilities to maintain persistence and evade detection.

Timeline

  1. 15.09.2025 14:22 📰 1 article · ⏱ 8h ago

    HybridPetya Ransomware Samples Uploaded to VirusTotal

    HybridPetya, a new variant of the Petya/NotPetya ransomware, was discovered with the ability to bypass UEFI Secure Boot. Samples of the malware were uploaded to Google's VirusTotal platform in February 2025. This variant can install a malicious application and evade detection by antivirus software, making it a significant threat. No telemetry suggests that HybridPetya has been deployed in the wild, but its capabilities highlight the evolving tactics of ransomware operators targeting firmware-level vulnerabilities.


Information Snippets