GHOSTENGINE Exploits Vulnerable Drivers to Disable EDRs in Cryptojacking Attack


Cybersecurity researchers have discovered a new cryptojacking campaign that employs vulnerable drivers to disable known security solutions (EDRs) and thwart detection in what’s called a Bring Your Own Vulnerable Driver (BYOVD) attack.
Elastic Security Labs is tracking the campaign under the name REF4578 and the primary payload as GHOSTENGINE. Previous research from Chinese

[ad_2]





2024-05-22 08:57:00


0 Comments

Leave a Reply

Avatar placeholder

Your email address will not be published. Required fields are marked *