Wormable XMRig Campaign Uses BYOVD Exploit for Cryptojacking

Cybersecurity researchers identified a cryptojacking campaign distributing a custom XMRig miner via pirated software bundles to compromise hosts. The attack employs a multi-stage infection chain designed to maximize cryptocurrency mining hashrate, often destabilizing victim systems. The campaign utilizes a wormable propagation method, a Bring Your Own Vulnerable Driver (BYOVD) exploit, and a time-based logic bomb for persistence and evasion. No specific dates, CVE IDs, or victim counts were disclosed in the reported details. The primary impact involves unauthorized cryptocurrency mining at the expense of system stability and performance.