16 matches found
EUVD-2020-24067
Malware in sbrugna...
Hackers Exploit Vulnerabilities in Sunlogin to Deploy Sliver C2 Framework
Threat actors are leveraging known flaws in Sunlogin software to deploy the Sliver command-and-control C2 framework for carrying out post-exploitation activities. The findings come from AhnLab Security Emergency response Center ASEC, which found that security vulnerabilities in Sunlogin, a remote...
CVE-2020-36603
The HoYoVerse formerly miHoYo Genshin Impact mhyprot2.sys 1.0.0.0 anti-cheat driver does not adequately restrict unprivileged function calls, allowing local, unprivileged users to execute arbitrary code with SYSTEM privileges on Microsoft Windows systems. The mhyprot2.sys driver must first be...
CVE-2020-36603
The HoYoVerse formerly miHoYo Genshin Impact mhyprot2.sys 1.0.0.0 anti-cheat driver does not adequately restrict unprivileged function calls, allowing local, unprivileged users to execute arbitrary code with SYSTEM privileges on Microsoft Windows systems. The mhyprot2.sys driver must first be...
Code injection
The HoYoVerse formerly miHoYo Genshin Impact mhyprot2.sys 1.0.0.0 anti-cheat driver does not adequately restrict unprivileged function calls, allowing local, unprivileged users to execute arbitrary code with SYSTEM privileges on Microsoft Windows systems. The mhyprot2.sys driver must first be...
CVE-2020-36603
Affected software: HoYoVerse (miHoYo) Genshin Impact mhyprot2.sys (driver) version 1.0.0.0. Issue: the anti-cheat driver does not adequately restrict unprivileged function calls, enabling local, unprivileged users to execute arbitrary code with SYSTEM privileges on Windows. Prerequisite: the driv...
CVE-2020-36603
The HoYoVerse formerly miHoYo Genshin Impact mhyprot2.sys 1.0.0.0 anti-cheat driver does not adequately restrict unprivileged function calls, allowing local, unprivileged users to execute arbitrary code with SYSTEM privileges on Microsoft Windows systems. The mhyprot2.sys driver must first be...
CVE-2020-36603
The HoYoVerse formerly miHoYo Genshin Impact mhyprot2.sys 1.0.0.0 anti-cheat driver does not adequately restrict unprivileged function calls, allowing local, unprivileged users to execute arbitrary code with SYSTEM privileges on Microsoft Windows systems. The mhyprot2.sys driver must first be...
miHoYo Genshin Impact 安全漏洞
miHoYo Genshin Impact is an open-world action role-playing game by Chinese company miHoYo. A security vulnerability exists in miHoYo Genshin Impact mhyprot2.sys version 1.0.0.0, which stems from an unprivileged function call that is not sufficiently restricted. An attacker can exploit this...
PT-2022-9006 · Microsoft +1 · Windows +2
Name of the Vulnerable Software and Affected Versions: Genshin Impact mhyprot2.sys version 1.0.0.0 Description: The Genshin Impact mhyprot2.sys anti-cheat driver does not adequately restrict unprivileged function calls, allowing local, unprivileged users to execute arbitrary code with SYSTEM...
Ransomware Attackers Abuse Genshin Impact Anti-Cheat System to Disable Antivirus
A vulnerable anti-cheat driver for the Genshin Impact video game has been leveraged by a cybercrime actor to disable antivirus programs to facilitate the deployment of ransomware, according to findings from Trend Micro. The ransomware infection, which was triggered in the last week of July 2022,...
Ransomware Actor Abuses Genshin Impact Anti-Cheat Driver to Kill Antivirus
We investigate mhyprot2.sys, a vulnerable anti-cheat driver for the popular role-playing game Genshin Impact. The driver is currently being abused by a ransomware actor to kill antivirus processes and services for mass-deploying ransomware...
Malicious code in free-primogems-genshin-impact-2022 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b4a454930847d7ba399eb36536554d254e03c290f387c10f401c197d589e0afc Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-3184 Malicious code in free-primogems-genshin-impact-2022 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b4a454930847d7ba399eb36536554d254e03c290f387c10f401c197d589e0afc Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in genshin-impact-free-primogems-and-genesis-crystals-2022 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 78b9bb1aa84bd97eb53afedfa2d56c798dbccf7ed85c213eb7b8fbff56f77d25 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-3338 Malicious code in genshin-impact-free-primogems-and-genesis-crystals-2022 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 78b9bb1aa84bd97eb53afedfa2d56c798dbccf7ed85c213eb7b8fbff56f77d25 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...