A large-scale malware campaign has been found leveraging a vulnerable Windows driver associated with Adlice’s product suite to sidestep detection efforts and deliver the Gh0st RAT malware.
« To further evade detection, the attackers deliberately generated multiple variants (with different hashes) of the 2.0.2 driver by modifying specific PE parts while keeping the signature valid, » Check Point
