AI description
CVE-2024-7344 affects a "Reloader" UEFI application (32-bit and 64-bit) from Howyar. The vulnerability stems from the application's use of a custom PE loader instead of standard UEFI functions. This allows the execution of unsigned software from a hardcoded path, specifically from a specially crafted file named "cloak.dat". Successful exploitation of CVE-2024-7344 allows an attacker to bypass UEFI Secure Boot and execute untrusted code during system boot. This can lead to the deployment of malicious UEFI bootkits, even on systems with UEFI Secure Boot enabled. The vulnerability has been fixed by affected vendors, and Microsoft revoked the vulnerable binaries in the January 14, 2025 Patch Tuesday update.
- Description
- Howyar UEFI Application "Reloader" (32-bit and 64-bit) is vulnerable to execution of unsigned software in a hardcoded path.
- Source
- cret@cert.org
- NVD status
- Analyzed
- Products
- neo_impact, greenguard, sysreturn, smart_recovery, ez-back_system, hdd_king, erecoveryrx
CVSS 3.1
- Type
- Primary
- Base score
- 8.2
- Impact score
- 6
- Exploitability score
- 1.5
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
- Severity
- HIGH
- nvd@nist.gov
- CWE-347
- Hype score
- Not currently trending
🚨 ESET Research, modern UEFI sistemlerini tehlikeye atma ve eski sistemlerde Güvenli Önyüklemeyi CVE-2024-7344 aracılığıyla atlama gücüne sahip bir Petya/NotPetya taklidi olan HybridPetya'yı ortaya çıkardı. #ESET #ProgressProtected #Cybersecurity https://t.co/ymai
@ESETTurkiye
22 Sept 2025
15 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
برمجية فـ ـدية هجينة تخـ ـترق حماية UEFI Secure Boot عبر استغلال CVE-2024-7344 التفاصيل.. https://t.co/tOgLSIUUXc #مركز_الأمن_السيبراني_للابحاث_والدراسات https://t.co/ekwzWwHHg2
@ccforrs
18 Sept 2025
73 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Cyber threat wave just hit hard in the last hour — from major data breaches and novel ransomware to phishing takedowns and explosive fraud busts. Here’s the top 10 intel you need to know now: 🦠 New HybridPetya ransomware exploits CVE-2024-7344 to bypass Windows Secure Bo
@np_cyber_news
18 Sept 2025
1 Impression
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
👾 Researchers have discovered a new Ransomware HybridPetya, which encrypts MFT on NTFS-sections and bypasses UEFI Secure Boot because of vulnerability Cve-2024-7344. Unlike Notpetya, it allows decryption after redemption 🌛 ESET experts say What HybridPetya becomes part of t
@Hack_Your_Mom
17 Sept 2025
12 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
HybridPetya ransomware revives boot-level attacks—bypassing UEFI Secure Boot via CVE-2024-7344 and encrypting NTFS MFT. Firmware security must catch up. 🧬🖥️ #HybridPetya #Ransomware https://t.co/1g06H3a53b
@manuelbissey
17 Sept 2025
5 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
¿Quieres saber cómo actúa #HybridPetya a raíz de nuestro #CTI? No solo cifra. 🚫 Instala bootkit 🛠️ Modifica el arranque 🔓 Evade Secure Boot con CVE-2024-7344 En nuestro Informe de Inteligencia te explicamos por qué es tan peligroso. #MetaProtec #Ciberseguridad #
@MetaProtec
16 Sept 2025
10 Impressions
1 Retweet
3 Likes
1 Bookmark
0 Replies
0 Quotes
HybridPetya exploits a vulnerability (CVE-2024-7344) to bypass Secure Boot, making it a serious threat. Remember, previous attacks like NotPetya caused over $10 billion in damages! 💸 #CyberRisk
@Cyb3r_5wift
15 Sept 2025
1 Impression
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Cyber threats escalate fast in last hour—top urgent intel below👇 🛑 HybridPetya ransomware targets UEFI Secure Boot via CVE-2024-7344 exploit, installs bootkit encrypting Master File Table; demands ~$1,000 BTC ransom. Firmware-level breach risk rising, urgent patching n
@np_cyber_news
15 Sept 2025
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
⚠️ HybridPetya Ransomware Emerges 💀 ESET research reveals “HybridPetya,” a Petya/NotPetya-style ransomware that bypasses UEFI Secure Boot using CVE-2024-7344, targeting legacy systems ⚡. ❗ Firmware & boot integrity defenses are more critical than ever. 🔗
@MarcelVelica
15 Sept 2025
156 Impressions
3 Retweets
7 Likes
1 Bookmark
6 Replies
0 Quotes
The HybridPetya ransomware on VirusTotal is a new variant of Petya/NotPetya attacks, with UEFI bootkit capabilities and exploits CVE-2024-7344 to bypass UEFI Secure Boot on old systems. It encrypts Master File Table, shows fake CHKDSK status, and demands ransom like actual ransom
@bigmacd16684
15 Sept 2025
1 Impression
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
ESET Research introduces HybridPetya, a Petya/NotPetya copycat found on VirusTotal in Feb 2025. It encrypts the NTFS MFT and can compromise UEFI systems, weaponizing CVE-2024-7344 to bypass Secure Boot on outdated machines. https://t.co/DhoIgcJMeM https://t.co/WRKljc52eg
@virusbtn
15 Sept 2025
2448 Impressions
17 Retweets
44 Likes
9 Bookmarks
1 Reply
0 Quotes
El nuevo ransomware HybridPetya omite el arranque seguro #UEFI con el exploit para la #vulnerabilidad CVE-2024-7344 https://t.co/hOAvjfaLBl
@Masterhacks_net
15 Sept 2025
72 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
New HybridPetya Ransomware Bypasses UEFI Secure Boot With CVE-2024-7344 Exploit https://t.co/q1vTkyRQM6 #CyberSecurity #Malware #CSCIS
@CIDC_Ops
15 Sept 2025
89 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
HybridPetya新型ランサムウェア、CVE-2024-7344悪用でSecure Boot突破の4番目事例 https://t.co/yzuspM9cX9 #izumino_trend
@sec_trend
15 Sept 2025
29 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
New HybridPetya Ransomware Bypasses UEFI Secure Boot With CVE-2024-7344 Exploit https://t.co/8wqBPFFLzo via @TheHackersNews
@jackgoesvirtual
14 Sept 2025
32 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
New HybridPetya Ransomware Bypasses UEFI Secure Boot With CVE-2024-7344 Exploit https://t.co/cIApWF40dP
@PVynckier
14 Sept 2025
124 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Cyber chaos intensifies — fresh malware, scams, hacks, and drone warfare shake sectors worldwide in the last hour 🕒 Here’s the sharp pulse on today’s top cyber threats and attacks: 🛡️ HybridPetya ransomware bypasses Windows Secure Boot using Microsoft vuln CVE-2024
@np_cyber_news
14 Sept 2025
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 اكتشاف جديد من @ESETresearch: برمجية خبيثة تحمل اسم HybridPetya ➝ نسخة مطورة من Petya/NotPetya قادرة على استهداف أنظمة UEFI الحديثة وتجاوز Secure Boot عبر الثغرة CVE-2024-7344. 👇 التف
@Mshoraty
14 Sept 2025
103 Impressions
0 Retweets
1 Like
0 Bookmarks
1 Reply
0 Quotes
New HybridPetya Ransomware Bypasses UEFI Secure Boot With CVE-2024-7344 Exploit ⬇️⬇️⬇️⬇️ @seguridadyredes @as_informatico @elhackernet @cibernicola_es @GuillermoVersus https://t.co/tnuxfs0Tnd
@ciberconsejo
14 Sept 2025
432 Impressions
3 Retweets
6 Likes
0 Bookmarks
0 Replies
0 Quotes
New #HybridPetya #Ransomware Bypasses UEFI Secure Boot With CVE-2024-7344 Exploit #CyberSecurity #vulnerability https://t.co/067iSVxRyd via @TheHackersNews
@DaustoC
14 Sept 2025
91 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
HybridPetya fidye yazılımı, UEFI Secure Boot’u atlayarak Petya ve NotPetya’nın yöntemlerini hatırlatıyor. Siber güvenlik uzmanları, CVE-2024-7344 açığının kullanılmasıyla ortaya çıkan bu tehdide karşı acil güncelleme ve güvenlik önlemleri öneriyor. htt
@siberbakis
13 Sept 2025
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Cybersecurity researchers at ESET have identified a new ransomware strain named HybridPetya, which exploits CVE-2024-7344 to bypass UEFI Secure Boot. https://t.co/WLkg2Mscn7
@securityRSS
13 Sept 2025
129 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
New #HybridPetya #Ransomware Bypasses #UEFI Secure Boot With CVE-2024-7344 Exploit https://t.co/lKAmJqlMd5
@jos1727
13 Sept 2025
153 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
⚠️ HybridPetya ransomware can bypass UEFI Secure Boot. - EFI System Partition infection - Secure Boot bypass via CVE-2024-7344 - Mimics destructive Petya/NotPetya attacks ➡️ Not yet in the wild, but a clear reminder: UEFI bootkits are real threats. Follow @Technadu for
@TechNadu
13 Sept 2025
170 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Cybercrime and cyber threats surge with new sophisticated exploits, AI abuse, major crypto fraud, and data theft campaigns—all unfolding in the last hour. Here’s what you need to know: 🦠 HybridPetya ransomware discovered exploiting CVE-2024-7344 to bypass UEFI Secure Bo
@np_cyber_news
13 Sept 2025
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
ESET warns of HybridPetya, a new ransomware variant that bypasses UEFI Secure Boot with CVE-2024-7344. It encrypts NTFS Master File Tables, crippling systems. Patches from Jan 2025 updates block the exploit, preventing active attacks. https://t.co/WHchQvS04T
@arix_world
13 Sept 2025
121 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
🚨 Petya, NotPetya and WannCry successor is here. Ralated sources: ESET blog (contains exploitation workflows explanation): https://t.co/YXPb8j1oxS The Hacker News post: https://t.co/Ju7xRrVq0a CVE-2024-7344: https://t.co/kT0aJrlW3R
@NixWarden
13 Sept 2025
1 Impression
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Introducing HybridPetya: Petya/NotPetya copycat with UEFI Secure Boot bypass UEFI copycat of Petya/NotPetya exploiting CVE-2024-7344 discovered on VirusTotal 12 Sep 2025 https://t.co/0i9ypzujKo
@tdatwja
13 Sept 2025
276 Impressions
0 Retweets
3 Likes
0 Bookmarks
0 Replies
0 Quotes
ESET reveals HybridPetya, a proof-of-concept ransomware with bootkit features that exploits CVE-2024-7344 to bypass UEFI Secure Boot on vulnerable systems. No active threats detected. #HybridPetya #UEFISecurity #MalwareAnalysis https://t.co/AmEbLMr2Bq
@TweetThreatNews
13 Sept 2025
175 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
HybridPetya新型ランサムウェア、CVE-2024-7344悪用でSecure Boot突破の4番目事例 https://t.co/PcLbh18YeQ 長期的な視点では、この発見はファームウェアレベルのセキュリティ強化の必要性を浮き彫りにしています。
@innovaTopia_JP
13 Sept 2025
121 Impressions
1 Retweet
1 Like
0 Bookmarks
0 Replies
0 Quotes
🚨 ALERT: New HybridPetya Ransomware Bypasses UEFI Secure Boot! • Exploits CVE-2024-7344 to bypass Secure Boot • Encrypts NTFS MFT, demands $1,000 in Bitcoin • Discovered by ESET, uploaded to VirusTotal in Feb 2025 Secure Boot bypasses are becoming more common. Stay
@aiagentmaya
13 Sept 2025
137 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Top 5 Trending CVEs: 1 - CVE-2024-7344 2 - CVE-2025-31324 3 - CVE-2024-44241 4 - CVE-2022-46689 5 - CVE-2025-31200 #cve #cvetrends #cveshield #cybersecurity https://t.co/4Fua3CAN6W
@CVEShield
13 Sept 2025
183 Impressions
0 Retweets
1 Like
1 Bookmark
0 Replies
0 Quotes
New HybridPetya Ransomware Bypasses UEFI Secure Boot With CVE-2024-7344 Exploit https://t.co/xe1ohwHEqj Cybersecurity researchers have discovered a new ransomware strain dubbed HybridPetya that resembles the notorious Petya/NotPetya malware, while also incorporating the abili
@f1tym1
13 Sept 2025
119 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
باحثو أمن السيّبر كشفوا عن برمجية فدية جديدة اسمها HybridPetya، تشبه Petya/NotPetya لكنها تمتلك قدرات أحدث — أهمها أن تتجاوز ميزة Secure Boot في الأنظمة الحديثة باستخدام
@cyber_shockry
13 Sept 2025
87 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
HybridPetya ransomware exploits CVE-2024-7344 to bypass UEFI Secure Boot. Akira targets SonicWall SSLVPN with CVE-2024-40766. Panama Ministry breached amid widespread patches for DELMIA, Cisco IOS XR, Samsung, Adobe. #Panama #UEFESecurity #SonicWall https://t.co/LEB3rIOUoE
@TweetThreatNews
13 Sept 2025
445 Impressions
0 Retweets
2 Likes
1 Bookmark
0 Replies
0 Quotes
ESET Researchは、新たなランサムウェア「HybridPetya」を発見しました。このマルウェアは、UEFIシステムを狙い、CVE-2024-7344を利用してSecure
@cyber_edu_jp
12 Sept 2025
115 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
New HybridPetya ransomware exploits UEFI vulnerability CVE-2024-7344 to bypass Secure Boot on outdated systems, encrypting data at boot. Update firmware and Secure Boot settings immediately. CyberSecurity Link: https://t.co/jCjmmRPLlX #ransomware #vulnerability #encryption
@dailytechonx
12 Sept 2025
133 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
新型ランサムウェア「HybridPetya」がCVE-2024-7344を悪用してUEFI Secure Bootを回避、Salsa20暗号化とMFT破壊機能を持つ高度な脅威 https://t.co/UAvxf9Opfb @nikkeimatomeより
@nikkeimatome
12 Sept 2025
22 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
HybridPetya can bypass UEFI Secure Boot using CVE-2024-7344—affecting outdated systems. This is a new frontier for ransomware threats! 😱 #GRC
@Cyb3r_5wift
12 Sept 2025
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
ESET Research uncovers HybridPetya, a Petya/NotPetya copycat with a UEFI bootkit that encrypts NTFS MFT and exploits CVE-2024-7344 to bypass UEFI Secure Boot. No active spread detected. #UEFIBoot #NTFSEncryption #Slovakia https://t.co/qLhLkJNiCW
@TweetThreatNews
12 Sept 2025
149 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
HybridPetya ransomware exploits CVE-2024-7344 to bypass UEFI Secure Boot by infecting the EFI System Partition, combining Petya and NotPetya techniques with Salsa20 encryption and fake error messages. #UEFIThreat #BootkitAttack #CVE20247344 https://t.co/kbxnxjYrl8
@TweetThreatNews
12 Sept 2025
125 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
HybridPetya samples on VirusTotal target NTFS MFT encryption and can install a malicious EFI app; one variant weaponizes CVE-2024-7344 via cloak.dat to bypass UEFI Secure Boot. No active in-the-wild use seen. #CVE_202... https://t.co/nd3N1EDlt7
@hasamba
12 Sept 2025
19 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
محققان امنیت سایبری باجافزار جدیدی به نام HybridPetya کشف کردهاند که شباهت زیادی به بدافزار بدنام Petya/NotPetya دارد و قابلیت دور زدن مکانیزم Secure Boot در سیستمهای
@Teeegra
12 Sept 2025
1349 Impressions
0 Retweets
18 Likes
6 Bookmarks
0 Replies
0 Quotes
🔥 𝐍𝐞𝐰 𝐇𝐲𝐛𝐫𝐢𝐝𝐏𝐞𝐭𝐲𝐚 𝐫𝐚𝐧𝐬𝐨𝐦𝐰𝐚𝐫𝐞 𝐜𝐚𝐧 𝐛𝐲𝐩𝐚𝐬𝐬 𝐔𝐄𝐅𝐈 𝐒𝐞𝐜𝐮𝐫𝐞 𝐁𝐨𝐨𝐭 • HybridPetya can bypass UEFI Secure Boot. • It installs a malicious app
@PurpleOps_io
12 Sept 2025
59 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
New HybridPetya ransomware bypasses UEFI Secure Boot via CVE-2024-7344 and encrypts NTFS metadata with a malicious EFI app. Secure Boot bypass confirmed. Mitigation: • Apply Jan 2025 UEFI revocation • Check for cloak.dat • Rotate Secure Boot keys if needed https://t.co/04
@CloneSystemsInc
12 Sept 2025
45 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🛡️ New HybridPetya Ransomware Bypasses UEFI Secure Boot With CVE-2024-7344 Exploit (The Hacker News) ❓ What exploit does the New HybridPetya Ransomware use to bypass UEFI Secure Boot? Become cyber-aware on dilag3nt[.]com
@Dilag3nt
12 Sept 2025
1 Impression
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 NEW RANSOMWARE ALERT: HybridPetya combines NotPetya’s destruction with UEFI bootkit persistence. A new ransomware strain named HybridPetya leverages a patched vulnerability, CVE-2024-7344, to bypass Secure Boot protections on outdated systems and deploy a persistent bootk
@cytexsmb
12 Sept 2025
274 Impressions
1 Retweet
2 Likes
2 Bookmarks
2 Replies
1 Quote
New HybridPetya Ransomware Bypasses UEFI Secure Boot With CVE-2024-7344 Exploit https://t.co/uQdhtFn04L #CyberSecurity
@EpicPlain
12 Sept 2025
44 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
New HybridPetya ransomware mimics Petya, bypassing UEFI Secure Boot with CVE-2024-7344 exploit. A critical threat! 🚨 https://t.co/L7vBkH2AFB #HybridPetya #Ransomware #UEFISecureBoot #Cybersecurity #CVE20247344
@0xT3chn0m4nc3r
12 Sept 2025
14 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
New HybridPetya Ransomware Bypasses UEFI Secure Boot With CVE-2024-7344 Exploit. Cybersecurity researchers have discovered a new ransomware strain dubbed HybridPetya that resembles the notorious Petya/NotPetya... https://t.co/A4iE8GTjlj #InceptusSecure #UnderOurProtection
@Inceptus3
12 Sept 2025
14 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cs-grp:neo_impact:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "661C4664-9989-497C-9758-595D667A5E61",
"versionEndExcluding": "10.1.024-20241127"
},
{
"criteria": "cpe:2.3:a:greenware:greenguard:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C26295FA-07B6-42D8-B5E9-7B54FA3D4559",
"versionEndExcluding": "10.2.023-20240927"
},
{
"criteria": "cpe:2.3:a:howyar:sysreturn:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "070699E9-BA08-4DFA-B2D7-61289CFDF865",
"versionEndExcluding": "10.2.023_20240919"
},
{
"criteria": "cpe:2.3:a:radix:smart_recovery:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E1D9F1B3-11C7-47FC-972C-017869712582",
"versionEndExcluding": "11.2.023-20240927"
},
{
"criteria": "cpe:2.3:a:sanfong:ez-back_system:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A794B06A-1AAC-49D4-8AD5-813A84B6DA60",
"versionEndExcluding": "10.3.024-20241127"
},
{
"criteria": "cpe:2.3:a:signalcomputer:hdd_king:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FD9C4071-6E0B-472B-89BB-88D324D47534",
"versionEndExcluding": "10.3.021-20241127"
},
{
"criteria": "cpe:2.3:a:wasay:erecoveryrx:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DDA5BBD9-2DCD-4F4B-94A2-28E62180ADA3",
"versionEndExcluding": "8.4.022-20241127"
}
],
"operator": "OR"
}
]
}
]