March 22, 2017

URGENT: New Malware Can Weaponize Windows Antivirus Software

Is your business using third-party antivirus software to protect its Windows machines? If so, your software may be vulnerable to a cyberattack.

A new proof-of-concept exploit called DoubleAgent has been discovered. It targets Windows antivirus software and transforms it into malware, and the attack can be used to encrypt private files and hold them for ransom. The malware does this by exploiting a vulnerability in Microsoft Application Verifier, a tool used to find and fix bugs in native applications.

Researchers at Cybellum recently found the attack to be effective against 14 antivirus products, as well as other computer processes. However, no DoubleAgent attacks have been reported in the wild yet.

According to Network World, as of today just two out of the 14 antivirus vendors that have been notified about the vulnerability — Malwarebytes and AVG — have taken steps to address the issue. Bitdefender, Avira, Avast, Trend Micro, Comodo, ESET, Kaspersky, Panda, McAfee, Quick Heal and Norton have yet to take action, although several vendors have released statements.

Here are some, courtesy of Network World:

"At this time, we have confirmed that Titanium is the only product affected by this vulnerability, and we do have a patch in the works to be published as an urgent security bulletin later this morning." – Trend Micro

"No we are not vulnerable to this AppVerifier injection...For this attack to be successful, [the] malware author should be able to bypass [Comodo Internet Security] protection. CIS by-default allows only whitelisted applications to modify such critical keys. Non-whitelisted applications will be either blocked or sandboxed rendering the attack ineffective." – Comodo Vice President of Worldwide Engineering Egemen Tas

"Kaspersky Lab would like to thank Cybellum Technologies LTD for discovering and reporting the vulnerability which made a DLL Hijacking attack possible via an undocumented feature of Microsoft Application Verifier. The detection and blocking of this malicious scenario has been added to all Kaspersky Lab products from March 22, 2017." – Kaspersky Lab

Perhaps the scariest part of this attack is the fact that it is incredibly easy to deploy. According to Cybellum CEO Slava Bronfman, just about anyone can do it — even someone “with the coding skills of a script kiddie.” It simply requires downloading the code from an infected website or opening a malicious attachment. So now that the attack has been made public, you can bet your bottom dollar that hackers will start using it against businesses.

So if you are using antivirus software to protect your business, make sure to contact your vendor to find out if your solution is vulnerable to the DoubleAgent attack. Take action before hackers do.

A new breed of hacktrepreneurs has awoken, and they have little to fear and everything to gain by infecting as many companies as possible and extorting money from them. Apex Technology Services stands ready to protect your company regardless of whether it’s located in New York City; White Plains, New York; Connecticut; Australia; Europe; or anywhere else. Our full suite of cybersecurity and IT support services is at your disposal, enabling you to spend less time worrying and more time growing your business.

To ensure your security, consider one of our most popular services — Auditing & Documentation, which pinpoints vulnerabilities in your infrastructure, process flow and internal security procedures.
