A new proof-of-concept exploit known as DoubleAgent can not only hijack third-party Windows antivirus software, but use said software to deliver further attacks. While there’s no evidence that the exploit has made its way into the wild yet, most antivirus programs are still completely susceptible to it. Gavin Millard, EMEA Technical Director at Tenable Network Security commented below.
Gavin Millard, EMEA Technical Director at Tenable Network Security:
“Whilst the research and results of DoubleAgent are interesting, it should be noted that administrator privileges would most likely be required to successfully hijack the target executables. If an attacker has admin privileges on an end point, this could become a sneaky method of hiding code and gaining persistence, but it’s doubtful this will become a major attack vector for malware and ransomware.
“The approach of least privilege, using the operating system with a standard user account rather than administrator and restricting local admin access, should mitigate this or make it exceedingly difficult to successfully exploit.”
Most Commented Posts
2020 Cybersecurity Landscape: 100+ Experts’ Predictions
Cyber Security Predictions 2021: Experts’ Responses
Experts’ Responses: Cyber Security Predictions 2023
Data Privacy Protection Day (Thursday 28th) – Experts Comments
Experts Insight On US Pipeline Shut After Cyberattack
Most Active Commenters
Recent Comments
“Cybersecurity Awareness Month’s new evergreen theme "Secure Our World” is…
“Avoid storing data on personal devices: A crucial but often overlooked…
“I recommend a new nuance to passwords that isn’t often…
“In my role overseeing cloud environments and incident response, I'm…
“Cybersecurity Awareness Month serves as a reminder to confront the…