Data can be wiped with antivirus software

  • Cybersecurity researcher says that antivirus software can be hacked to delete data.
  • Vulnerability affects products from Microsoft, SentinelOne, TrendMicro, Avast, and AVG.
  • Or Yair says vulnerability can be used to help with a number of cyberattacks called “Wipers”.

A top cybersecurity researcher has said that many popular antivirus products from vendors such as Microsoft, SentinelOne, TrendMicro, Avast, and AVG can be used to delete data.

In a document called “Aikido,” Or Yair, who works for the cybersecurity company SafeBreach, explained how the exploit works by using what is called a “time-of-check to time-of-use” (TOCTOU) vulnerability.

Aikido is a Japanese style of martial arts that is known for trying to use the opponent’s own movement and force against them.

Yair says that the vulnerability can be used to help with a number of cyberattacks called “Wipers,” which are often used in offensive war situations.

In cybersecurity, a wiper is a type of malware that deletes data and programmes from the hard drive of the computer it infects.

The slide deck says that the exploit changes the “superpower” of endpoint detection software so that it can “delete any file, no matter who owns it.”


As part of the process, a malicious file is created at “C:\temp\Windows\System32\drivers\ndis.sys”.

After that, you hold its handle and tell the “AV/EDR to put off the deletion until the next reboot.”

After this, the “C:\temp” directory is deleted and a “junction in C:\temp –> C:\” is made. The machine is then rebooted.
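The defensive counterpart to the steps above is to re-validate the target when the deferred delete actually runs, not only when the file was scanned. The following is an added example, not code from the SafeBreach slides or from any vendor: the function names are hypothetical, and a POSIX symlink stands in for the NTFS junction so the check can be run anywhere.

```python
import os
import shutil
import tempfile

def record_check(path):
    """Time of check: store the canonical path and the file's identity."""
    real = os.path.realpath(path)
    st = os.lstat(real)
    return {"real": real, "id": (st.st_dev, st.st_ino)}

def delete_if_unchanged(job):
    """Time of use: re-walk the stored path, refuse links, unlink only the same file."""
    parts = job["real"].strip(os.sep).split(os.sep)
    fd = os.open(os.sep, os.O_RDONLY | os.O_DIRECTORY)
    try:
        for name in parts[:-1]:
            # O_NOFOLLOW fails if a component became a link after the check.
            nxt = os.open(name, os.O_RDONLY | os.O_DIRECTORY | os.O_NOFOLLOW, dir_fd=fd)
            os.close(fd)
            fd = nxt
        st = os.stat(parts[-1], dir_fd=fd, follow_symlinks=False)
        if (st.st_dev, st.st_ino) != job["id"]:
            return False  # same name, different file
        os.unlink(parts[-1], dir_fd=fd)  # relative to the verified directory
        return True
    except OSError:
        return False  # missing, replaced by a link, or otherwise changed
    finally:
        os.close(fd)

def demo():
    """Constructed scenario: the scanned directory becomes a link before the delete runs."""
    base = os.path.realpath(tempfile.mkdtemp())
    scan, protected = os.path.join(base, "scan"), os.path.join(base, "protected")
    for d in (scan, protected):
        os.makedirs(os.path.join(d, "drivers"))
        open(os.path.join(d, "drivers", "ndis.sys"), "w").close()
    job = record_check(os.path.join(scan, "drivers", "ndis.sys"))
    shutil.rmtree(scan)
    os.symlink(protected, scan)  # assumption: POSIX stand-in for the junction
    deleted = delete_if_unchanged(job)
    survived = os.path.exists(os.path.join(protected, "drivers", "ndis.sys"))
    shutil.rmtree(base)
    return deleted, survived

if __name__ == "__main__":
    print(demo())
```

Because the final unlink is issued relative to a directory descriptor that was itself opened without following links, there is no second window between the re-check and the delete.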

Yair says that only about 50% of the most well-known antivirus brands were affected.

A slide deck made by the researcher says that the vulnerability affected Microsoft Defender, Defender for Endpoint, SentinelOne EDR, TrendMicro Apex One, Avast Antivirus, and AVG Antivirus.

Some products, like Palo Alto, XDR, Cylance, CrowdStrike, McAfee, and BitDefender, were lucky enough not to be affected.
