Another devious antivirus killer tool has been found - so make sure you're protected
techradar.com
- Crypto24 ransomware group was seen disabling AV protection before deploying the encryptor
- In some cases, it can even uninstall the AV programs
- A layered defense is the best approach to mitigate the threat
Security researchers have found another antivirus-killing tool that hackers are using before dropping any additional payloads.
Experts from Trend Micro have uncovered a custom variant of the open-source tool RealBlindingEDR.
This tool comes with a hardcoded list of antivirus company names:
- Trend Micro
- Kaspersky
- Sophos
- SentinelOne
- Malwarebytes
- Cynet
- McAfee
- Bitdefender
- Broadcom (Symantec)
- Cisco
- Fortinet
- Acronis
When it is deployed on a device, it looks for these names in driver metadata, and if it ...