HybridPetya: (Proof-of-concept?) ransomware can bypass UEFI Secure Boot

ESET researchers have uncovered HybridPetya, a sophisticated malware that combines bootkit and ransomware capabilities with compromise of the UEFI firmware boot process. The malware can bypass UEFI Secure Boot by exploiting CVE-2024-7344. It is currently assessed as a proof of concept, with no active threats observed in the wild.

Key points

  • HybridPetya is a new malware that combines bootkit and ransomware features, similar to Petya and NotPetya.
  • The malware can infect UEFI-based systems by installing malicious EFI applications.
  • It exploits CVE-2024-7344 to bypass UEFI Secure Boot protections on systems that have not been updated.
  • No active deployment or widespread use of HybridPetya has been detected in the wild yet.
  • HybridPetya joins other UEFI bootkits such as BlackLotus, indicating that Secure Boot bypass techniques are becoming more common.

Read More: https://www.helpnetsecurity.com/2025/09/12/hybridpetya-ransomware-secure-boot-bypass/