In some cases, the threat actor’s intent was to ultimately provide SIM swapping services.” SentinelLabs also said it observed a separate threat actor utilizing a similar Microsoft-signed driver, which led to the deployment of Hive ransomware against an entity in the medical industry.
Read full article on Infosecurity