SentinelOne Detects and Protects from GhostMiner CryptoMiner

In this video, you can observe how SentinelOne agent installed on a “victim” machine was able to detect GhostMiner and protect from it. The presented use case demonstrates how an attacker connects remotely to the target machine and launches the attack in-memory. SentinelOne agent detects the lateral movement and the usage of file-less PowerShell-based malware, as presented at the SentinelOne console. It then mitigates the threat, by killing the malicious process.

-~-