GHOSTENGINE Exploits Vulnerable Drivers to Disable EDRs in Cryptojacking Attack
![GHOSTENGINE Exploits Vulnerable Drivers to Disable EDRs in Cryptojacking Attack](https://www.ngtedu.co.in/heenachy/2024/05/GHOSTENGINE-Exploits-Vulnerable-Drivers-to-Disable-EDRs-in-Cryptojacking-Attack.png)
Cybersecurity researchers have discovered a new cryptojacking campaign that employs vulnerable drivers to disable known security solutions (EDRs) and thwart detection in what’s called a Bring Your Own Vulnerable Driver (BYOVD) attack.
Elastic Security Labs is tracking the campaign under the name REF4578 and the primary payload as GHOSTENGINE. Previous research from Chinese
The post “GHOSTENGINE Exploits Vulnerable Drivers to Disable EDRs in Cryptojacking Attack” appeared first on The Hacker News
Source:The Hacker News – [email protected] (The Hacker News)