Get a Pentest and security assessment of your IT network.

Cyber Security

GootKit Malware Bypasses Windows Defender by Setting Path Exclusions

GootKit is a banking Trojan that attempts to steal the online banking credentials of infected users through video capture and redirects to fake banking sites under the attacker’s control. The Trojan uses a UAC bypass and WMIC commands to exclude the malware path from being scanned by Windows Defender Antivirus. The malware is not the only Trojan stepping up their game to evade Microsoft’s greatly improved anti-virus product. In July, we reported that TrickBot had started executing PowerShell commands to disable Windows Defender’s functionality and to evade detection.

Source: https://www.bleepingcomputer.com/news/security/gootkit-malware-bypasses-windows-defender-by-setting-path-exclusions/

Related posts
Cyber Security

Zip Codes & PII: Are They Personal Data?

Cyber Security

Zero-Day Vulnerabilities: User Defence Guide

Cyber Security

Zero Knowledge Voting with Trusted Server

Cyber Security

ZeroNet: 51% Attack Risks & Mitigation