From gbhackers.com
Researchers observed a new ransomware family called “Robinhood” that using a digitally signed vulnerable driver to bypass the protection by killing files belonging to endpoint security products, bypassing tamper protection and antivirus software to encrypt the system files.
Attackers using the Living off the Land technique for this ransomware attack to destructive file encryption portion and they are using Gigabyte driver vulnerability tracked as CVE-2018-19320.