Information:
– The threat actor is offering the source code of AvEleminator software for sale.
– AvEleminator is a tool designed for malicious purposes, aiming to neutralize antivirus, endpoint protection platforms, and endpoint detection and response security software.
– The tool operates using certified signed drivers to bypass or disable security measures.
– Cybercriminals can potentially use AvEleminator to propagate malware or harm systems.
– The following EDR, EPP, and AV solutions are affected by AvEleminator:
  – Windefender
  – NOD
  – ApexOne [TrendMicro]
  – Crowdstrikefalcon
  – Sentinel
  – Sophos
  – Avast
  – Bitdefender
– Heightened vigilance and proactive security measures are crucial to mitigate the potential impact of such malicious tools on cybersecurity.
————————————————–
In a concerning development, the source code of AvEleminator software has been made available for sale by a threat actor. AvEleminator appears to be a tool designed for malicious purposes. This tool aims to neutralize the effectiveness of antivirus (AV), endpoint protection platforms (EPP), and endpoint detection and response (EDR) security software. It serves as a means for bad actors to bypass or disable such security measures.
AvEleminator operates through a chain of certified signed drivers and is intended to neutralize specific AV / EPP / EDR products. Cybercriminals could potentially use it to propagate malware or inflict harm upon systems.
List of Affected EDR, EPP, and AV Solutions
- Windefender
- NOD
- ApexOne [TrendMicro]
- Crowdstrikefalcon
- Sentinel
- Sophos
- Avast
- Bitdefender
The sale underscores the importance of heightened vigilance and proactive security measures to mitigate the potential impact of such malicious tools on cybersecurity.