Tech »  Topic »  Another devious antivirus killer tool has been found - so make sure you're protected

Another devious antivirus killer tool has been found - so make sure you're protected


(Image credit: pixabay | Elchinator)
  • Crypto24 ransomware group was seen disabling AV protection before deploying the encryptor
  • In some cases, it can even uninstall the AV programs
  • A layered defense is the best approach to mitigate the threat

Security researchers have found another antivirus-killing tool out there that hackers are using before dropping any additional payloads.

Experts from Trend Micro have uncovered custom variant of the open source tool called RealBlindingEDR.

This tool comes with a hardcoded list of antivirus company names:

Trend Micro
Kaspersky
Sophos
SentinelOne
Malwarebytes
Cynet
McAfee
Bitdefender
Broadcom (Symantec)
Cisco
Fortinet
Acronis

When it is deployed on a device, it looks for these names in driver metadata, and if it ...


Copyright of this story solely belongs to techradar.com . To see the full text click HERE