
New Cryptojacking Malware Breakdown



The GhostEngine cryptocurrency mining malware disables endpoint security protections, deletes logs, modifies the kernel, and digs in to establish persistence.

It all begins with getting the victim machine to launch one .exe file.

Cryptojacking malware consumes the victim's compute resources by running cryptocurrency mining software, which directs any cryptocurrency rewards to accounts that only the attackers can access.

It is basically resource theft that impacts system performance, but because of the access it has, it can also be used as a vehicle for further attacks and to deploy more damaging instructions. It also undermines the protections of the system, which makes it more vulnerable to other attackers!


 
A good writeup: https://arstechnica.com/security/2024/05/researchers-spot-cryptojacking-attack-that-disables-endpoint-protections/



Matthew Rosenquist

Cybersecurity Strategist specializing in the evolution of threats, opportunities, and risks in pursuit of optimal security for our digital world.


Cybersecurity Tomorrow

Cybersecurity strategy perspectives for the emerging risks and opportunities of securing our digital world. The insights of today will lead to tomorrow's security, privacy, and safety foundations.
