11
"Netfilter" driver is rootkit signed by Microsoft

"Netfilter" driver is rootkit signed by Microsoft

3 years ago
Anonymous $drS9DEX_Sj

https://www.bleepingcomputer.com/news/security/microsoft-admits-to-signing-rootkit-malware-in-supply-chain-fiasco/

Microsoft has now confirmed signing a malicious driver being distributed within gaming environments.

This driver, called "Netfilter," is in fact a rootkit that was observed communicating with Chinese command-and-control (C2) IPs.