BleepingComputer · Jun 16, 2026 14:17 UTC

GhostTree Attack Abused Recursive Windows Junctions to Hide Malware

Summary

GhostTree uses recursive NTFS junctions to generate vast numbers of valid Windows file paths. Varonis explains how the technique could cause Microsoft Defender folder scans to never complete, leaving malware undetected. [...]

Original reporting

Open original source

Related coverage

Read full article on BleepingComputer

GhostTree Attack Abused Recursive Windows Junctions to Hide Malware

Original reporting

Related coverage

SpaceX rises 12% to leapfrog Amazon, briefly top Microsoft in market cap

I tried AnduinOS 2.0, and it may be the easiest way to ditch Windows for Linux