Ransomware Attackers Abuse Genshin Impact Anti-Cheat System to Disable Antivirus

5 September 2022

A vulnerable anti-cheat driver for the Genshin Impact video game has been leveraged by a cybercrime actor to disable antivirus programs to facilitate the deployment of ransomware, according to findings from Trend Micro. The ransomware infection, which was triggered in the last week of July 2022, banked on the fact that the driver in question (“mhyprot2.sys”) is signed with a valid certificate, thereby making it possible to circumvent privileges and terminate services associated with endpoint protection applications.

Read full article on The Hacker News

Date:

5 September 2022

Categorie(s):

NEWS

Tag(s):

Abuse, Anti-Cheat, Antivirus, Attackers, Cybercrime

Orum No Code Verify helps businesses validate bank accounts3 May 2024
Cisco IP Phone Vulnerability Let Attackers Trigger DoS Attack3 May 2024
Google Announces Passkeys Adopted by Over 400 Million Accounts3 May 2024
Threat Actors Renting Out Compromised Routers To Other Criminals3 May 2024
‘Junk gun’ ransomware: Peashooters can still pack a punch3 May 2024