GhostEngine Mining Attacks Kill EDR Security Using Vulnerable Drivers
GhostEngine Mining Attacks Kill EDR Security Using Vulnerable Drivers
22 May 2024
A malicious crypto mining campaign codenamed 'REF4578,' has been discovered deploying a malicious payload named GhostEngine that uses vulnerable drivers to turn off security products and deploy an XMRig miner.