Vulnerabilities Allow Researcher to Turn Security Products into Wipers


SafeBreach Labs security researcher Or Yair discovered several vulnerabilities that allowed him to turn endpoint detection and response (EDR) and antivirus (AV) products into wipers.

The researcher was able to trick the weak security products into deleting any files and directories on the system and make the machine unusable using the issues that were discovered and presented on Wednesday at the Black Hat Europe cybersecurity conference. The researcher’s wiper, known as Aikido, takes advantage of the extra system rights that EDR and AV software have by using bogus directories with specially created paths to cause the deletion of legitimate files.

Also Read: Top Strategies to Overcome Cybersecurity Challenges

When a malicious file is discovered but not yet deleted, the Aikido wiper takes advantage of the gap in time.

Read More: Vulnerabilities Allow Researcher to Turn Security Products Into Wipers

For more such updates follow us on Google News ITsecuritywire News. Please subscribe to our Newsletter for more updates.