News & Insights
Blumberg Capital portfolio news, startup growth resources and industry insights
The Clever ‘DoubleAgent’ Attack Turns Antivirus Into Malware
Mar 23, 2017
By Lily Hay Newman
YOUR ANTIVIRUS SOFTWARE might come with some annoyances. It might slow your computer down, or pop up so many alerts that you can’t tell when something is actually wrong. But researchers have discovered a more sinister downside: A well-intentioned debugging tool found in many versions of Microsoft Windows can be used maliciously to gain access to vulnerable antivirus programs, and weaponize them.
Discovered by researchers at the Israeli cybersecurity defense firm Cybellum, the so-called “DoubleAgent attack” takes advantage of the Microsoft Application Verifier, a tool used for strengthening security in third-party Windows applications, to inject customized code into programs. The approach could potentially manipulate any software target, but antivirus programs would be particularly appealing to an attacker since they have such extensive system privileges for scanning.
Related Articles