Think that your computer is protected just by using antivirus software? Think again

Published May 24th, 2024 by Bayonseo

There is malware that can turn off your security protection without you even realizing it and then proceed to download a hefty load of crypto miners.

Evil doesn’t sleep, and that resonates well with hackers and malicious actors. While you think your computer is fully protected by installing antivirus software, hackers have found a way to install crypto miners on your devices without you realizing it.

This was recently discovered by cybersecurity researchers at Elastic Security Labs and Antiy, who gave it the name REF4578 but were unable to attribute it to any specific threat actor. The malware infiltrates your computer by dropping vulnerable drivers onto the endpoint, through which it is able to disable and ultimately uninstall any antivirus software that you might have. Once this step is completed, the malware drops XMRig, one of the most popular cryptocurrency miners out there. Currently, this doesn’t seem to be targeted at any specific group, so it's difficult to determine exactly how many computers were infected.

In conclusion, relying solely on antivirus software is no longer sufficient to protect your computer from sophisticated threats like the REF4578 malware. Cybercriminals continuously innovate, finding ways to bypass security measures and install crypto miners such as XMRig on unsuspecting devices. The discovery by Elastic Security Labs and Antiy highlights the persistent danger posed by these malicious actors, who exploit vulnerable drivers to disable antivirus programs and execute their attacks. Since this threat does not appear to target any specific group, it underscores the importance of adopting comprehensive cybersecurity practices and staying vigilant to safeguard against evolving cyber threats.

