"Netfilter" driver is rootkit signed by Microsoft
https://www.bleepingcomputer.com/news/security/microsoft-admits-to-signing-rootkit-malware-in-supply-chain-fiasco/
Microsoft has now confirmed signing a malicious driver being distributed within gaming environments.
This driver, called "Netfilter," is in fact a rootkit that was observed communicating with Chinese command-and-control (C2) IPs.
Jun 26, 2021, 10:26am UTC