Tuesday, June 28, 2022
-Advertisement-
-Advertisement-
Tech ObserverNewsCyber SecurityMicrosoft confirms Chinese malware within gaming environments

Microsoft confirms Chinese malware within gaming environments

The US major has claimed that the malware driver, called ‘Netfilter’, is a rootkit that was detected communicating with Chinese command-and-control (C2) IPs

The US major has claimed that the malware driver, called ‘Netfilter’, is a rootkit that was detected communicating with Chinese command-and-control (C2) IPs

In a major technology breach, global tech giant has confirmed signing a malicious driver being distributed within gaming environments. The US major has claimed that the driver, called ‘’, is a rootkit that was detected communicating with Chinese command-and-control (C2) IPs.

According to G Data malware analyst , the top techies first took notice of this event last week and later they were joined in by the wider infosec community in tracing and analysing the malicious drivers bearing the seal of Microsoft.

Top analysts believe that the incident has once again exposed threats to software supply-chain security, except this time it stemmed from a weakness in Microsoft’s code-signing process. Microsoft said it is actively investigating this incident, although thus far, there is no evidence that stolen code-signing certificates were used.

The mishap seems to have resulted from the threat actor following Microsoft’s process to submit the malicious Netfilter drivers and managing to acquire the Microsoft-signed binary in a legitimate manner.

“Microsoft is investigating a malicious actor distributing malicious drivers within gaming environments,” the company was quoted as saying by the website.

“We have suspended the account and reviewed their submissions for additional signs of malware,” Microsoft said.

According to Microsoft, the threat actor has mainly targeted the gaming sector specifically in China with these malicious drivers and there is no indication of enterprise environments having been affected so far.

Subscribe to receive the day's headlines from Tech Observer straight in your inbox

- Advertisement -

Your Comment on this Story

Comments

Share on activity feed

Powered by WP LinkPress

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Subscribe to our Newsletter

83000+ Industry Leaders read it everyday

By subscribing you agree to our Privacy Policy, T&C and consent to receive newsletters and other important communications.
- Advertisement -ESDS SAP HANA Community Cloud
- Advertisement -Digital Senate 2022

RELATED ARTICLES

- Advertisement -