
Microsoft tricked into signing off on driver loaded with malware

Hackers managed to trick the Redmond giant into pushing a Netfilter driver loaded with malware.

June 29, 2021 / 05:51 PM IST
Drivers are software that usually acts as a tool for communication between the operating system and specific functions.

Microsoft is investigating an issue where a driver that has been cleared by the Redmond giant may have malicious code embedded within it. Drivers are software that usually acts as a tool for communication between the operating system and specific functions. These drivers are verified for use by Microsoft and only then pushed out to customers.

In this case, a rootkit seems to have slipped through the signing process; it targets specific gaming environments to spoof geolocation systems and play from anywhere.

Microsoft notes that "the malware enables them to gain an advantage in games and possibly exploit other players by compromising their accounts through common tools like keyloggers."

The rogue malware was spotted by G Data analyst Karsten Hahn, who has since shared additional details on the rootkit, including the methodology used to install the malware on affected systems.

Once installed on a system, the malware communicates with Chinese C2 IPs, more specifically one that belonged to Ningbo Zhuo Zhi Innovation Network Technology Co. Ltd. Hahn said that the oldest version of the malware dates back to March 17, 2021. This means it has been in circulation for a few months.

As of now, Microsoft is still investigating how the code managed to slip through its verification process and has said that it intends to refine its validation processes to prevent this from happening again.

Moneycontrol News
first published: Jun 29, 2021 05:51 pm