Tuesday, June 4, 2024

Novel EDR-Killing 'GhostEngine' Malware Is Built for Stealth


Repost from Reddit.com.

A newly identified malware, dubbed "GhostEngine" and also known as "Hidden Shovel," is raising alarms due to its capability to silently disable kernel drivers and evade Endpoint Detection and Response (EDR) systems. This stealthy malware is currently being used in a sophisticated cryptomining operation.

Key Insights:

Malware Mechanisms and Impact: "GhostEngine" exploits vulnerable drivers to terminate EDR agents, clearing the way for uninterrupted cryptomining activities.

Technical Execution and Strategy: Initiated by a malicious executable mimicking a legitimate Windows process, "GhostEngine" executes a series of commands through PowerShell to manage its components and communicate with its command-and-control server.

Campaign Complexity and Objectives: The complexity of this campaign is highlighted by its dual goals: to install the XMRig miner for Monero mining and ensure its operation remains undetected by disabling security barriers within corporate networks.

