HybridPetya is the fourth publicly known real or proof-of-concept bootkit with UEFI Secure Boot bypass functionality
16 Sep 2025
ESET researchers have discovered a new ransomware variant named HybridPetya. This malware, similar to the notorious Petya/NotPetya ransomware, introduces a dangerous twist by exploiting UEFI-based systems and leveraging CVE-2024-7344 to bypass UEFI Secure Boot on outdated systems. While HybridPetya is not currently spreading in the wild, it represents the fourth known instance of a bootkit with UEFI Secure Boot bypass capabilities.
Want to learn more about this malware? Watch the video featuring ESET Chief Security Evangelist Tony Anscombe and be sure to check out the accompanying blog post.
