HybridPetya is the fourth publicly known real or proof-of-concept bootkit with UEFI Secure Boot bypass functionality
16 Sep 2025
ESET researchers have uncovered a new ransomware strain that they have named HybridPetya. While resembling the infamous Petya/NotPetya malware, it comes with a new and dangerous twist – it adds the ability to compromise UEFI-based systems and weaponize CVE‑2024‑7344 in order to bypass UEFI Secure Boot on outdated systems. HybridPetya is not actively spreading in the wild, but it’s at least the fourth known real or proof-of-concept bootkit with UEFI Secure Boot bypass functionality.
What else is there to know about the malware? Find out in the video with ESET Chief Security Evangelist Tony Anscombe and make sure to read the blogpost.