An unidentified hacking group is deploying a rootkit dubbed Netfilter, which is signed in as a legitimate Microsoft driver but used to affect gaming outcomes, researchers at German security firm say. Microsoft said the threat group mainly targeted the Chinese gaming industry and does not appear to be a sophisticated nation-state threat actor. Microsoft added that it is currently investigating the campaign involving the malicious driver. The malware was redirecting the IPs to a Chinese network, the researchers believe that the threat actor is likely a Chinese entity.”]
Source: https://www.cuinfosecurity.com/hackers-disguise-rootkit-as-microsoft-drivers-a-16957