WINTAPIX Kernel Driver Targeting Middle Eastern Nations
Threat Level
Attack Report
Summary
The WINTAPIX driver, which is protected by VMProtect, targets Saudi Arabia and other Gulf countries. It is possibly linked to Iranian threat actors who exploit Exchange servers to deploy malware.