Ransomware’s Secret Weapon: New EDR Killer Tool Unleashes Havoc!
The latest EDR killer tool from RansomHub is giving security software a run for its money—literally. This stealthy creation is the evolution of ‘EDRKillShifter’ and is wreaking havoc with the help of eight ransomware gangs. It’s like a bad sitcom, but for your network.
Hot Take:
In an epic showdown between security software and cybercriminals, the new EDR killer tool is like a sneaky ninja armed with a can of antivirus repellent! With eight ransomware gangs donning their villainous capes, it’s like a cyber-villain convention out there. Who knew hackers could be so collaborative? Maybe they have team-building retreats and trust falls too. Watch out, because this tool is the cyber equivalent of a chocolate bar at a dog show—deliciously dangerous and hard to resist for those pesky ransomware operators!
Key Points:
- RansomHub and seven other ransomware gangs have a new toy: an EDR killer tool.
- The tool uses a trick called “bring your own vulnerable driver” (BYOVD) to disable security software.
- It targets well-known security vendors like Sophos, Microsoft Defender, and Kaspersky.
- Each ransomware gang has its own custom version, suggesting tool-sharing shenanigans.
- Sophos discovered that this tool is part of a wider trend of tool sharing among ransomware groups.