Introducing HybridPetya: Petya/NotPetya copycat with UEFI Secure Boot bypass
released on 2025-09-15 @ 02:12:42 PM
A new ransomware called HybridPetya has been discovered that combines features of Petya and NotPetya with UEFI bootkit capabilities. It encrypts the Master File Table (MFT) of NTFS partitions and can install a malicious EFI application on the EFI System Partition to compromise UEFI-based systems. One variant exploits CVE-2024-7344 to bypass UEFI Secure Boot on outdated, unpatched systems. While not yet observed in the wild, HybridPetya demonstrates sophisticated techniques, including UEFI bootkit functionality and a Secure Boot bypass. It may be a proof of concept, but it highlights the growing trend of UEFI-based threats. Unlike NotPetya, HybridPetya allows the encryption key to be reconstructed, so it could function as conventional ransomware rather than as a purely destructive wiper.