HybridPetya is a ransomware strain that bypasses UEFI Secure Boot by exploiting a vulnerability in Howyar Reloader, which allows it to install a malicious EFI application. It encrypts the Master File Table and demands a ransom but, unlike with NotPetya, decryption is possible. Although it has not yet been observed in the wild, HybridPetya demonstrates the growing threat of UEFI bootkits.
Latest mentioned: 09-12
Earliest mentioned: 09-12