A new study has found that 54 programs can stop security tools on computers. This study was done by a Slovakian cybersecurity company. These programs use a method called bring your own vulnerable driver (BYOVD). They take advantage of 35 weak or unsafe drivers.
Ransomware attacks are when bad actors hold data hostage for money. They often use EDR killer programs to turn off security software. This helps them avoid being found. It is hard for them to stay hidden when they use their programs, as they create a lot of noise while working.
Many EDR killers use real drivers that have problems. These drivers help them gain more power over the system. This makes it easier to disable security tools. Threat actors, or people who carry out attacks, can also change important system settings.
To fight against these threats, organizations need strong security. They should stop unsafe drivers from loading and watch for attacks at every step. ESET says these EDR killers work well because they are easy to use and reliable.
