GHOSTENGINE Exploits Vulnerable Drivers to Disable EDRs in Cryptojacking Attack -

GHOSTENGINE Exploits Vulnerable Drivers to Disable EDRs in Cryptojacking Attack

Cybersecurity researchers have discovered a new cryptojacking campaign that employs vulnerable drivers to disable known security solutions (EDRs) and thwart detection in what’s called a Bring Your Own Vulnerable Driver (BYOVD) attack. Elastic Security Labs is tracking the campaign under the name REF4578 and the primary payload as GHOSTENGINE. Previous research from Chinese

May 22, 2024

Cybersecurity researchers have discovered a new cryptojacking campaign that employs vulnerable drivers to disable known security solutions (EDRs) and thwart detection in what’s called a Bring Your Own Vulnerable Driver (BYOVD) attack.
Elastic Security Labs is tracking the campaign under the name REF4578 and the primary payload as GHOSTENGINE. Previous research from Chinese

GHOSTENGINE Exploits Vulnerable Drivers to Disable EDRs in Cryptojacking Attack

Leave a Reply Cancel reply

Related Posts

Microsoft Sues Hacking Group Exploiting Azure AI for Harmful Content Creation

DoJ Indicts Three Russians for Operating Crypto Mixers Used in Cybercrime Laundering

AI-Driven Ransomware FunkSec Targets 85 Victims Using Double Extortion Tactics