SilentCryptoMiner Spreading via YouTube Blackmail Scams

Amber | Attack Report

The use of Windows Packet Divert drivers to manipulate network traffic has surged, with over 2.4 million detections in the past six months. Cybercriminals have exploited this technique in a large-scale malware campaign, distributing SilentCryptoMiner under the guise of an internet restriction bypass tool. To expand their reach, attackers falsely accused content creators of copyright violations, threatening to shut down their YouTube channels unless they promoted malicious links. While the campaign currently focuses on covert cryptocurrency mining, it has the potential to evolve into a more serious threat, enabling data theft and the deployment of additional malware.
