A crypto mining campaign, codenamed ‘REF4578,’ has been discovered deploying a malicious payload named GhostEngine. This payload exploits vulnerable drivers to disable security products and deploy an XMRig miner. The campaign is notable for its complexity, which ensures both the installation and the persistence of the XMRig miner.