{"id":1626,"date":"2017-04-03T05:43:56","date_gmt":"2017-04-03T05:43:56","guid":{"rendered":"https:\/\/antivirus.comodo.com\/blog\/?p=1626"},"modified":"2020-08-25T13:28:35","modified_gmt":"2020-08-25T07:58:35","slug":"a-new-attack-that-turns-antivirus-software-into-malware","status":"publish","type":"post","link":"https:\/\/antivirus.comodo.com\/blog\/computer-safety\/a-new-attack-that-turns-antivirus-software-into-malware\/","title":{"rendered":"A New Attack That Turns Antivirus Software Into Malware"},"content":{"rendered":"<p>Here comes news about a new kind of attack that can turn an advanced antivirus security software itself into malware.<\/p>\n<p>Researchers have come up with reports about a new proof-of-concept exploit, which has been named DoubleAgent, which would hijack third-party Windows <a href=\"https:\/\/www.comodo.com\/home\/internet-security\/antivirus-advanced.php\" rel=\"noopener\" target=\"_blank\" title=\"antivirus software\">antivirus software<\/a> and then use the same antivirus software to deliver further attacks. Of course, there is no evidence that the exploit is already there are causing issues, but <a href=\"https:\/\/www.comodo.com\/home\/internet-security\/free-internet-security.php\" target=\"_blank\" rel=\"noopener\">internet security<\/a> researchers have found that this is a vulnerability that most antivirus programs are susceptible to.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-full wp-image-3069\" src=\"https:\/\/antivirus.comodo.com\/blog\/wp-content\/uploads\/2017\/04\/antivirus-software.jpg\" alt=\"antivirus software\" width=\"650\" height=\"300\" srcset=\"https:\/\/antivirus.comodo.com\/blog\/wp-content\/uploads\/2017\/04\/antivirus-software.jpg 650w, https:\/\/antivirus.comodo.com\/blog\/wp-content\/uploads\/2017\/04\/antivirus-software-300x138.jpg 300w, https:\/\/antivirus.comodo.com\/blog\/wp-content\/uploads\/2017\/04\/antivirus-software-225x104.jpg 225w\" sizes=\"auto, (max-width: 650px) 100vw, 650px\" \/><\/p>\n<p>This development is a bit startling. This because advanced antivirus security software, which is expected to ensure better security from hackers, can now turn a potential tool in the hands of the very same hackers. It&#8217;s a debugging tool in Microsoft Windows, in fact a well-intentioned debugging tool which is called Microsoft Application Verifier, that could be used to gain access to <a href=\"https:\/\/www.comodo.com\/home\/internet-security\/antivirus.php\" target=\"_blank\" rel=\"noopener\">antivirus software<\/a>. Of course, this could help hackers manipulate any software target, but it would most likely be the antivirus software that would appeal the most to any attacker. This because antivirus programs have extensive system privileges including the privilege of scanning the whole system itself and can help hackers to get access to almost anything on a system or network.<\/p>\n<p>As per <a href=\"https:\/\/www.comodo.com\/website-security-platform\/cwatch.php\" target=\"_blank\" rel=\"noopener\">internet security software<\/a> experts who are doing researches and analyses about the bug, the malicious code, which enters through the legitimate Microsoft Application Verifier tool, becomes really persistent. Even a system reboot wouldn&#8217;t help eliminate the attack and once an attacker gains control of the <em>antivirus program<\/em>, he can manipulate it to execute all kinds of attacks. These may include-<\/p>\n<ul>\n<li>Turning the antivirus program itself into a malware.<\/li>\n<li>Using the AV program to whitelist the malware that hackers want to spread.<\/li>\n<li>Making the antivirus ignore different malicious remote activity, including decryption, data-mining etc.<\/li>\n<li>Using the AV program to encrypt files or format hard drives without users permission and thus use the AV software as ransomware.<\/li>\n<li>Using the AV program to cause a denial-of-service condition for any program on Windows, by making it flag and block applications.<\/li>\n<\/ul>\n<p>This vulnerability is dangerous indeed, firstly because it uses the very same <strong>advanced antivirus security<\/strong> software that we use to secure our systems, to carry out the attack and secondly because when an antivirus itself turns malicious, it can simply impact any area in our system\/network.<\/p>\n<p>Of the many antivirus programs that have been identified as susceptible to this vulnerability, some have reportedly patched the bug while the <a href=\"https:\/\/antivirus.comodo.com\/\" target=\"_blank\" rel=\"noopener\">Comodo Antivirus<\/a> has its own default protections that negate such attacks.<\/p>\n<p><a href=\"https:\/\/antivirus.comodo.com\/free-antivirus.php?afid=9356\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-full wp-image-1800\" src=\"https:\/\/antivirus.comodo.com\/blog\/wp-content\/uploads\/2014\/09\/Ransomware.jpg\" alt=\"Antivirus software\" width=\"650\" height=\"300\" srcset=\"https:\/\/antivirus.comodo.com\/blog\/wp-content\/uploads\/2014\/09\/Ransomware.jpg 650w, https:\/\/antivirus.comodo.com\/blog\/wp-content\/uploads\/2014\/09\/Ransomware-300x138.jpg 300w, https:\/\/antivirus.comodo.com\/blog\/wp-content\/uploads\/2014\/09\/Ransomware-225x104.jpg 225w\" sizes=\"auto, (max-width: 650px) 100vw, 650px\" \/><\/a><\/p>\n<p><a href=\"https:\/\/secure.nurd.com\/home\/purchase.php?pid=109&#038;af=16166\" target=\"_blank\" rel=\"noopener\" onclick=\"ga('send', 'event', {eventCategory: 'Antivirus Blog', eventAction: 'Click', eventLabel: 'GET COMPLETE PROTECTION banner Product CIS Pro'});ga('nT.send', 'event', {eventCategory: 'Antivirus Blog', eventAction: 'Click', eventLabel: 'GET COMPLETE PROTECTION banner Product CIS Pro'});\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-full wp-image-8604\" src=\"https:\/\/antivirus.comodo.com\/blog\/wp-content\/uploads\/2020\/08\/complete-antivirus.png\" alt=\"comodo antivirus\" width=\"650\" height=\"83\" \/><\/a><\/p>\n<p><strong>Related Resources:<\/strong><\/p>\n<p><strong><a href=\"https:\/\/antivirus.comodo.com\/blog\/computer-safety\/best-antivirus-of-2019\/\" target=\"blank\">https:\/\/antivirus.comodo.com\/blog\/computer-safety\/best-antivirus-of-2019\/<\/a><\/strong><\/p>\n<p><strong><a href=\"https:\/\/antivirus.comodo.com\/blog\/comodo-news\/5-best-free-malware-removal-tools-2019\/\" target=\"blank\">https:\/\/antivirus.comodo.com\/blog\/comodo-news\/5-best-free-malware-removal-tools-2019\/<\/a><\/strong><\/p>\n<p>&nbsp;<br \/>\n<a href=\"https:\/\/webinspector.com\/website-malware-scanner\/\" target=\"_blank\" rel=\"noopener\">Free Website Malware Scanner<\/a><\/p>\n<p><a href=\"https:\/\/cwatch.comodo.com\/website-status-checker.php\" rel=\"noopener\" target=\"_blank\">Website Status<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Here comes news about a new kind of attack that can turn an advanced antivirus security software itself into malware. Researchers have come up with reports about a new proof-of-concept exploit, which has been named DoubleAgent, which would hijack third-party Windows antivirus software and then use the same antivirus software to deliver further attacks. Of [&hellip;]<\/p>\n","protected":false},"author":5,"featured_media":1685,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6],"tags":[9,439,14,438],"class_list":["post-1626","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-computer-safety","tag-antivirus","tag-double-agent-malware","tag-internet-security","tag-turn-antivirus-software-into-malware"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v26.5 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>New Attack Turns Antivirus Software into Malware | Comodo News<\/title>\n<meta name=\"description\" content=\"A new malware named Double Agent has been found to turn Antivirus software into malware. Stay aware and be protected now.!\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/antivirus.comodo.com\/blog\/computer-safety\/a-new-attack-that-turns-antivirus-software-into-malware\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"New Attack Turns Antivirus Software into Malware | Comodo News\" \/>\n<meta property=\"og:description\" content=\"A new malware named Double Agent has been found to turn Antivirus software into malware. Stay aware and be protected now.!\" \/>\n<meta property=\"og:url\" content=\"https:\/\/antivirus.comodo.com\/blog\/computer-safety\/a-new-attack-that-turns-antivirus-software-into-malware\/\" \/>\n<meta property=\"og:site_name\" content=\"Comodo Antivirus Blogs | Anti-Virus Software Updates\" \/>\n<meta property=\"article:published_time\" content=\"2017-04-03T05:43:56+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2020-08-25T07:58:35+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/antivirus.comodo.com\/blog\/wp-content\/uploads\/2017\/04\/RF-10639_thb_4.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"225\" \/>\n\t<meta property=\"og:image:height\" content=\"170\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"seo\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"seo\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/antivirus.comodo.com\/blog\/computer-safety\/a-new-attack-that-turns-antivirus-software-into-malware\/\",\"url\":\"https:\/\/antivirus.comodo.com\/blog\/computer-safety\/a-new-attack-that-turns-antivirus-software-into-malware\/\",\"name\":\"New Attack Turns Antivirus Software into Malware | Comodo News\",\"isPartOf\":{\"@id\":\"https:\/\/antivirus.comodo.com\/blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/antivirus.comodo.com\/blog\/computer-safety\/a-new-attack-that-turns-antivirus-software-into-malware\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/antivirus.comodo.com\/blog\/computer-safety\/a-new-attack-that-turns-antivirus-software-into-malware\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/antivirus.comodo.com\/blog\/wp-content\/uploads\/2017\/04\/RF-10639_thb_4.jpg\",\"datePublished\":\"2017-04-03T05:43:56+00:00\",\"dateModified\":\"2020-08-25T07:58:35+00:00\",\"author\":{\"@id\":\"https:\/\/antivirus.comodo.com\/blog\/#\/schema\/person\/e534eccce9a7e6ced088443c73329462\"},\"description\":\"A new malware named Double Agent has been found to turn Antivirus software into malware. Stay aware and be protected now.!\",\"breadcrumb\":{\"@id\":\"https:\/\/antivirus.comodo.com\/blog\/computer-safety\/a-new-attack-that-turns-antivirus-software-into-malware\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/antivirus.comodo.com\/blog\/computer-safety\/a-new-attack-that-turns-antivirus-software-into-malware\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/antivirus.comodo.com\/blog\/computer-safety\/a-new-attack-that-turns-antivirus-software-into-malware\/#primaryimage\",\"url\":\"https:\/\/antivirus.comodo.com\/blog\/wp-content\/uploads\/2017\/04\/RF-10639_thb_4.jpg\",\"contentUrl\":\"https:\/\/antivirus.comodo.com\/blog\/wp-content\/uploads\/2017\/04\/RF-10639_thb_4.jpg\",\"width\":225,\"height\":170,\"caption\":\"Internet security\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/antivirus.comodo.com\/blog\/computer-safety\/a-new-attack-that-turns-antivirus-software-into-malware\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/antivirus.comodo.com\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"A New Attack That Turns Antivirus Software Into Malware\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/antivirus.comodo.com\/blog\/#website\",\"url\":\"https:\/\/antivirus.comodo.com\/blog\/\",\"name\":\"Comodo Antivirus Blogs | Anti-Virus Software Updates\",\"description\":\"\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/antivirus.comodo.com\/blog\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/antivirus.comodo.com\/blog\/#\/schema\/person\/e534eccce9a7e6ced088443c73329462\",\"name\":\"seo\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/antivirus.comodo.com\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/3b7714e98dafc3a3b391832c0f5e2b406856b62c8e81ad94382c197cdb380790?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/3b7714e98dafc3a3b391832c0f5e2b406856b62c8e81ad94382c197cdb380790?s=96&d=mm&r=g\",\"caption\":\"seo\"},\"url\":\"https:\/\/antivirus.comodo.com\/blog\/author\/seo\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"New Attack Turns Antivirus Software into Malware | Comodo News","description":"A new malware named Double Agent has been found to turn Antivirus software into malware. Stay aware and be protected now.!","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/antivirus.comodo.com\/blog\/computer-safety\/a-new-attack-that-turns-antivirus-software-into-malware\/","og_locale":"en_US","og_type":"article","og_title":"New Attack Turns Antivirus Software into Malware | Comodo News","og_description":"A new malware named Double Agent has been found to turn Antivirus software into malware. Stay aware and be protected now.!","og_url":"https:\/\/antivirus.comodo.com\/blog\/computer-safety\/a-new-attack-that-turns-antivirus-software-into-malware\/","og_site_name":"Comodo Antivirus Blogs | Anti-Virus Software Updates","article_published_time":"2017-04-03T05:43:56+00:00","article_modified_time":"2020-08-25T07:58:35+00:00","og_image":[{"width":225,"height":170,"url":"https:\/\/antivirus.comodo.com\/blog\/wp-content\/uploads\/2017\/04\/RF-10639_thb_4.jpg","type":"image\/jpeg"}],"author":"seo","twitter_card":"summary_large_image","twitter_misc":{"Written by":"seo","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/antivirus.comodo.com\/blog\/computer-safety\/a-new-attack-that-turns-antivirus-software-into-malware\/","url":"https:\/\/antivirus.comodo.com\/blog\/computer-safety\/a-new-attack-that-turns-antivirus-software-into-malware\/","name":"New Attack Turns Antivirus Software into Malware | Comodo News","isPartOf":{"@id":"https:\/\/antivirus.comodo.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/antivirus.comodo.com\/blog\/computer-safety\/a-new-attack-that-turns-antivirus-software-into-malware\/#primaryimage"},"image":{"@id":"https:\/\/antivirus.comodo.com\/blog\/computer-safety\/a-new-attack-that-turns-antivirus-software-into-malware\/#primaryimage"},"thumbnailUrl":"https:\/\/antivirus.comodo.com\/blog\/wp-content\/uploads\/2017\/04\/RF-10639_thb_4.jpg","datePublished":"2017-04-03T05:43:56+00:00","dateModified":"2020-08-25T07:58:35+00:00","author":{"@id":"https:\/\/antivirus.comodo.com\/blog\/#\/schema\/person\/e534eccce9a7e6ced088443c73329462"},"description":"A new malware named Double Agent has been found to turn Antivirus software into malware. Stay aware and be protected now.!","breadcrumb":{"@id":"https:\/\/antivirus.comodo.com\/blog\/computer-safety\/a-new-attack-that-turns-antivirus-software-into-malware\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/antivirus.comodo.com\/blog\/computer-safety\/a-new-attack-that-turns-antivirus-software-into-malware\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/antivirus.comodo.com\/blog\/computer-safety\/a-new-attack-that-turns-antivirus-software-into-malware\/#primaryimage","url":"https:\/\/antivirus.comodo.com\/blog\/wp-content\/uploads\/2017\/04\/RF-10639_thb_4.jpg","contentUrl":"https:\/\/antivirus.comodo.com\/blog\/wp-content\/uploads\/2017\/04\/RF-10639_thb_4.jpg","width":225,"height":170,"caption":"Internet security"},{"@type":"BreadcrumbList","@id":"https:\/\/antivirus.comodo.com\/blog\/computer-safety\/a-new-attack-that-turns-antivirus-software-into-malware\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/antivirus.comodo.com\/blog\/"},{"@type":"ListItem","position":2,"name":"A New Attack That Turns Antivirus Software Into Malware"}]},{"@type":"WebSite","@id":"https:\/\/antivirus.comodo.com\/blog\/#website","url":"https:\/\/antivirus.comodo.com\/blog\/","name":"Comodo Antivirus Blogs | Anti-Virus Software Updates","description":"","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/antivirus.comodo.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/antivirus.comodo.com\/blog\/#\/schema\/person\/e534eccce9a7e6ced088443c73329462","name":"seo","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/antivirus.comodo.com\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/3b7714e98dafc3a3b391832c0f5e2b406856b62c8e81ad94382c197cdb380790?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/3b7714e98dafc3a3b391832c0f5e2b406856b62c8e81ad94382c197cdb380790?s=96&d=mm&r=g","caption":"seo"},"url":"https:\/\/antivirus.comodo.com\/blog\/author\/seo\/"}]}},"post_mailing_queue_ids":[],"_links":{"self":[{"href":"https:\/\/antivirus.comodo.com\/blog\/wp-json\/wp\/v2\/posts\/1626","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/antivirus.comodo.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/antivirus.comodo.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/antivirus.comodo.com\/blog\/wp-json\/wp\/v2\/users\/5"}],"replies":[{"embeddable":true,"href":"https:\/\/antivirus.comodo.com\/blog\/wp-json\/wp\/v2\/comments?post=1626"}],"version-history":[{"count":32,"href":"https:\/\/antivirus.comodo.com\/blog\/wp-json\/wp\/v2\/posts\/1626\/revisions"}],"predecessor-version":[{"id":15196,"href":"https:\/\/antivirus.comodo.com\/blog\/wp-json\/wp\/v2\/posts\/1626\/revisions\/15196"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/antivirus.comodo.com\/blog\/wp-json\/wp\/v2\/media\/1685"}],"wp:attachment":[{"href":"https:\/\/antivirus.comodo.com\/blog\/wp-json\/wp\/v2\/media?parent=1626"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/antivirus.comodo.com\/blog\/wp-json\/wp\/v2\/categories?post=1626"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/antivirus.comodo.com\/blog\/wp-json\/wp\/v2\/tags?post=1626"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}