Windows vulnerabilities make way for new dangerous DoubleAgent malware threat

Costea Lestoc By: Costea Lestoc
2 minute read
Ramnit Malware

Just as the online community was recuperating from the last wave of malicious attacks, a new threat has surfaced that puts Windows users in danger. The new threat acts through antivirus programs themselves, making it worthy of the name DoubleAgent.

DoubleAgent is able to access and take control of a computer’s antivirus through a Windows XP vulnerability that is no less than 15 years old. Additionally, there is a Windows application that also contributes to how the attack works called Application Verifier which has been compromised as well

A dangerous threat is on the loose

This threat is scary because it allows attackers to take full control of an antivirus and wreck havoc on a system and its owner. By inserting a custom verifier into system software, attackers are able to take full control of any service on the computer. Security professionals are already on the job trying to find ways in which this form of attack can be combated or prevented. Here’s what they’ve found so far:

Once the attacker has gained control of the antivirus, he may command it to perform malicious operations on behalf of the attacker. Because the antivirus is considered a trusted entity, any malicious operation done by it would be considered legitimate, giving the attacker the ability to bypass all the security products in the organization.

The exploits this can lead to are scary

There are quite a few ways in which this kind of destructive tool can be used against users. Systems could either be controller or compromised completely, leaving owners with pretty much no defense.

While dangerous, malicious threats are usually blocked by an antivirus, meaning that the level of threat they pose is mitigated or at least slowed. In this case, there is nothing holding back DoubleAgent as it is free of any obstacle an antivirus might put in its way.

RELATED STORIES TO CHECK OUT:

For various PC problems, we recommend this tool.

This software will repair common computer errors, protect you from file loss, malware, hardware failure and optimize your PC for maximum performance. Fix PC issues now in 3 easy steps:

  1. Download this PC Repair Tool rated "Excellent" on TrustPilot.com.
  2. Click “Start Scan” to find Windows issues that could be causing PC problems.
  3. Click “Repair All” to fix all issues with Patented Technologies (requires upgrade).

Discussions

Next up

Mozilla adds alerts about recently breached sites into Firefox browser

Giles Ensor avatar. By: Giles Ensor
3 minute read

Firefox has announced that it will start to warn users if they visit any breached sites. This is in an attempt to not only make […]

Continue Reading

More uncertainty for Microsoft’s Windows 10 October Update

Giles Ensor avatar. By: Giles Ensor
3 minute read

Oh dear. It’s been a pretty bad month for Microsoft concerning its Windows 10 October 1809 Update release. Microsoft eventually released the update a couple […]

Continue Reading

Confirmed: Microsoft now accepting ARM64 apps on its Store

Giles Ensor avatar. By: Giles Ensor
2 minute read

Yesterday, Microsoft released Visual Studio 15.9. With it came the announcement that “developers now have the officially supported SDK and tools for creating 64-bit ARM […]

Continue Reading