Tag: REF4578

GhostEngine Malware Drives Cryptomining Campaign REF4578
Experts at Elastic Security Labs and Antiy have uncovered a new cryptocurrency mining campaign, codenamed REF4578, in which the GhostEngine malware exploits vulnerable drivers to disable antivirus programs and deploy the XMRig miner. Both companies highlighted the high complexity of the attack. In their reports, the companies shared detection rules to assist defenders…