Malware originally developed for government espionage is now in use by criminals. The malware, dubbed Gyges, was first discovered in March by Sentinel Labs. The report states that Gyges’ evasion techniques are “significantly more sophisticated” than the payloads attached. Gyges goes to great lengths to hide itself. It uses a hooking bypass technique that exploits a log bug in Windows 7 and 8. It also uses Yoda, a “protector” that obfuscates malicious behavior. It is being used by cybercriminals for encrypting hard drives to collect ransoms.”]
Source: https://www.darkreading.com/attacks-breaches/government-grade-stealth-malware-in-hands-of-criminals