
Cybercriminals Unleash EDRKillShifter: Your Antivirus Doesn’t Stand a Chance!

Cybercriminals have unleashed EDRKillShifter, a malware tool designed to kill endpoint detection and response (EDR) systems and pave the way for ransomware attacks. Sophos discovered the tool and noted that it failed in one attempt. Businesses should bolster tamper protection and maintain strong Windows security practices to counter…

Hot Take:

Antivirus programs are supposed to be the bodyguards of your digital world, but it looks like these cybercriminals have found a way to turn them into sitting ducks. Meet EDRKillShifter, the new “antivirus exterminator” on the block, making ransomware attacks more successful than ever before. It’s like bringing a bazooka to a knife fight!

Key Points:

  • Cybercriminals are using a new malware tool called EDRKillShifter to disable antivirus programs.
  • EDRKillShifter was spotted in use by the ransomware group RansomHub.
  • Sophos suggests the tool may be available on the dark web and used by multiple attackers.
  • EDRKillShifter works by deploying vulnerable drivers to exploit and disable endpoint detection and response (EDR) systems.
  • Businesses are advised to enable tamper protection and practice strong security hygiene to defend against such threats.
