< BACK TO NEWS
negativeSYS.SOURCE: The Hacker News2026-07-09T16:13:09+05:30

GodDamn Ransomware Leverages PoisonX Kernel Driver for Endpoint Defense Evasion

#ransomware#endpoint security#malware#cyber attack#defense evasion

GodDamn ransomware employs the PoisonX kernel driver, signed by Microsoft, to evade endpoint defenses by terminating antivirus and EDR processes. The attack involves credential theft via NirSoft tools, lateral movement with PsExec, and persistent access through AnyDesk, highlighting advanced defense evasion techniques.

Cybersecurity researchers have flagged a new ransomware family called GodDamn that employs the PoisonX kernel driver to neutralize security software as part of its defense evasion strategy.

According to a new report published by the Threat Hunter Team from Symantec, the ransomware was first publicly spotted in the wild on May 21, 2026. It's assessed to be a rebrand of the Beast ransomware,

Read original article

*** END OF TRANSMISSION ***