#4
The Hacker News
general
July 09, 2026 at 10:43 UTC
GodDamn Ransomware Uses PoisonX Driver to Disable Endpoint Defenses
By [email protected] (The Hacker News)
AI Summary
Symantec's Threat Hunter Team identified 'GodDamn' ransomware, first spotted in the wild on May 21, 2026, as a rebrand of Beast ransomware. It employs a Bring Your Own Vulnerable Driver (BYOVD) technique via the Microsoft co-signed PoisonX kernel driver to disable endpoint security software before encrypting targets, primarily in the United States.
Relevance score: 82.0/100
Sponsored
Protect Your Business
Expert cybersecurity solutions to safeguard your organization from evolving threats.
Get Protected →