Hackers use Genshin Impact Anti-Cheat to create Ransomware viruses

Hackers use Genshin Impact Anti-Cheat to create Ransomware viruses

HoYoverse knows about it, but they don’t.

The fact that hackers use Genshin Impact anti-cheat driver in their ransomware, Said Experts from Trend Micro. According to their research, attackers have been distributing such utilities since July 2022.

Hackers take advantage of the fact that the Chinese action RPG’s anti-cheat driver has a digital certificate from Microsoft, thereby gaining elevated privileges on Windows. Once attackers include the driver in their malware, they can also use it to disable antivirus.

Trend Micro emphasized that a successful attack does not require Genshin Impact to be installed on the victim’s computer. Ransomware with an integrated anti-cheat driver works on its own without using any other game files.

As of 2020, cybersecurity experts have expressed concern that Genshin Impact Anti-Cheat has many privileges, including at the Windows kernel level. HoYoverse only responded to the claims once and updated the anti-cheat so it turns off when the game isn’t working.

Trend Micro experts told HoYoverse about the ransomware they discovered, but the Chinese company did not comment on the situation.

See also  Airbus has been contracted to bring back samples from Mars
Written By
More from Josh Atkinson
Scientists have discovered an incredibly powerful radio explosion inside the Milky Way
Scientists have identified strange and incredibly powerful radio signals coming from somewhere...
Read More
Leave a comment

Your email address will not be published.