Cybersecurity Chaos: GHOSTENGINE and the Rise of BYOVD Attacks

Cybersecurity researchers have uncovered a crafty cryptojacking campaign dubbed REF4578, employing a Bring Your Own Vulnerable Driver (BYOVD) attack. The campaign uses vulnerable drivers to disable security solutions and deploy the GHOSTENGINE payload, ensuring the persistence of an XMRig miner. It’s like the Swiss Army…