HackerFeeds

CyberSecurity News

'GodDamn' Ransomware Uses BYOVD to Smite US Companies

Dark Reading
· July 9, 2026

AI summary

A malicious kernel driver co-signed by Microsoft is being utilized in ransomware attacks to disable security software. This driver is being used by the GodDamn ransomware to evade detection and successfully carry out attacks, primarily targeting US companies. The driver's co-signing by Microsoft allows it to appear as a legitimate component, making it more difficult for security measures to identify and block it. As a result, the GodDamn ransomware is able to effectively neutralize security software, increasing its chances of a successful attack. The use of this co-signed driver is a notable aspect of the GodDamn ransomware's tactics.

Read the full article at Dark Readingwww.darkreading.com/cyberattacks-data-breaches/goddamn-ransomware-byovd-smite-companies

This is an AI-generated brief aggregated by HackerFeeds for convenience and grounded in the source’s own summary; the related CVE, threat-group and country data is from HackerFeeds’ own indexes. The original article is the authoritative source — all rights belong to Dark Reading.