What would happen if a legitimate program, OS, or game somehow had a virus or malware installed on it from the official source?
<blockquote data-quote="cruelsister" data-source="post: 950111" data-attributes="member: 7463"><p>The mechanism is in a way sort of cool as the ransomware is digitally signed (by PB03 TRANSPORT, now revoked), runs a script (certutil pops up again within it, of course) that kinda-sorta disables Defender while at the same time dropping a legitimate Defender Antimalware Application (msmpeng.exe) as well as the malicious mpsvc.dll (knowing that Defender isn't all that swift with regard to side loading attacks).</p><p></p><p>Although the blame for Kaseya will be placed on the hackers, the real blame lies with those that utilize sub-optimal malware defenses. And not that anyone asked, but CF laughs at this one prior to malware eradication.</p></blockquote><p></p>
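A defender-side check for the side-loading pattern described in the post above, added here as an example and not part of the original post: it flags msmpeng.exe or mpsvc.dll seen outside Defender's own directories. The trusted directory list, the event field names, and the sample events are assumptions constructed for illustration.

```python
import ntpath

# Assumption: directories where a genuine Defender install keeps its binaries.
TRUSTED_DIRS = (
    r"c:\program files\windows defender",
    r"c:\programdata\microsoft\windows defender\platform",
)
# File names taken from the post: the legitimate host binary and the DLL it loads.
WATCHED = {"msmpeng.exe", "mpsvc.dll"}


def in_trusted_dir(path):
    """True if the normalized path sits under a trusted Defender directory."""
    p = ntpath.normpath(path).lower()  # collapses ..\ tricks before comparing
    return any(p.startswith(d + "\\") for d in TRUSTED_DIRS)


def sideload_findings(events):
    """Return (host, reason, path) for watched binaries outside trusted dirs."""
    findings = []
    for ev in events:
        for field in ("image", "image_loaded"):
            path = ev.get(field, "")
            name = ntpath.basename(path).lower()
            if name in WATCHED and not in_trusted_dir(path):
                findings.append((ev["host"], f"{name} outside Defender directory", path))
    return findings


# Constructed sample image-load events (hypothetical hosts, paths and version).
SAMPLE_EVENTS = [
    {"host": "ws01",
     "image": r"C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.0.0-0\MsMpEng.exe",
     "image_loaded": r"C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.0.0-0\mpsvc.dll"},
    {"host": "ws02",
     "image": r"C:\Temp\drop\MsMpEng.exe",
     "image_loaded": r"C:\Temp\drop\mpsvc.dll"},
    {"host": "ws03",
     "image": r"C:\Program Files\Windows Defender\..\..\Temp\MsMpEng.exe",
     "image_loaded": r"C:\Windows\System32\kernel32.dll"},
]

if __name__ == "__main__":
    for host, reason, path in sideload_findings(SAMPLE_EVENTS):
        print(f"{host}: {reason}: {path}")
```

A path check only covers where the copy runs from; it says nothing about whether the DLL beside it is genuine, so pair it with signature or hash validation of mpsvc.dll.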