A vulnerable anti-cheat driver for the Genshin Impact video game has been leveraged by a cybercrime actor to disable antivirus programs to facilitate the deployment of ransomware, according to findings from Trend Micro.
The ransomware infection, which was triggered in the last week of July 2022, banked on the fact that the driver in question (“mhyprot2.sys”) is signed with a valid certificate,