Double Agent Malware Infects Security Solutions
A malware attack dubbed Double Agent has been discovered by security vendor Cybellum. Although the attack has been discovered, it has reportedly not yet been witnessed in the public.
Double Agent uses a 15-year-old vulnerability within the Windows operating system. The security gap is associated with Microsoft Application Verifier, which can be found on all Windows PCs ranging from XP to Windows 10. What is troubling is that, by gaining access to Microsoft Application Verifier, this malware variant has access to all of the legitimate programs on your PC. Since Double Agent has access to this platform, it has been able to successfully alter 14 different anti-virus solutions by adding malware to their platforms. The 14 impacted security solutions include:
- Trend Micro
- Quick Heal
All of the AV programs have had over 90 days to patch the vulnerability; however, out of these 14 programs that have been compromised, only four have been effectively patched. According to Network World, those are AVG, Kaspersky, Trend Micro and Malwarebytes.
Although this malware variant could infiltrate various other programs that are verified by Microsoft, it does not. It chooses security solutions because they are trusted by PC users, and have access to the entire PC. It’s essentially the golden key.
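One way a defender can check a host for the Application Verifier abuse described above, as an added example that is not from the article or from Cybellum: a read-only PowerShell audit that lists every executable with a verifier provider DLL registered and reports whether that DLL is signed. The registry location (`Image File Execution Options`, values `VerifierDlls` and `GlobalFlag`) is standard Windows behaviour that the article does not name; the function name and the DLL directory lookup are assumptions of this example.

```powershell
# Added example: read-only audit of Application Verifier provider registrations.
$ifeo  = 'Microsoft\Windows NT\CurrentVersion\Image File Execution Options'
$roots = "HKLM:\SOFTWARE\$ifeo", "HKLM:\SOFTWARE\WOW6432Node\$ifeo"
$FLG_APPLICATION_VERIFIER = 0x100   # GlobalFlag bit that turns the verifier on

function Get-VerifierDllRegistration {   # hypothetical helper name
    foreach ($root in $roots) {
        if (-not (Test-Path -LiteralPath $root)) { continue }
        # Assumption: 32-bit view providers live in SysWOW64, native ones in System32.
        $dir = if ($root -like '*WOW6432Node*') { "$env:windir\SysWOW64" } else { "$env:windir\System32" }
        foreach ($key in Get-ChildItem -LiteralPath $root -ErrorAction SilentlyContinue) {
            $value = $key.GetValue('VerifierDlls')
            if ([string]::IsNullOrWhiteSpace($value)) { continue }

            # GlobalFlag may be stored as REG_DWORD or as a hex string.
            $raw = $key.GetValue('GlobalFlag'); $flags = 0
            if ($raw -is [string]) { try { $flags = [Convert]::ToInt64($raw, 16) } catch { $flags = 0 } }
            elseif ($null -ne $raw) { $flags = [int64]$raw }

            # Treat the value as a delimited list and report each DLL separately.
            foreach ($dll in ($value -split '[\s,;]+' | Where-Object { $_ })) {
                $path = Join-Path $dir $dll
                $sig  = if (Test-Path -LiteralPath $path) { Get-AuthenticodeSignature -LiteralPath $path } else { $null }
                [pscustomobject]@{
                    Image           = $key.PSChildName
                    VerifierDll     = $dll
                    VerifierEnabled = [bool]($flags -band $FLG_APPLICATION_VERIFIER)
                    FileFound       = [bool]$sig
                    SignatureStatus = if ($sig) { $sig.Status } else { 'n/a' }
                    Signer          = if ($sig -and $sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { '' }
                }
            }
        }
    }
}

Get-VerifierDllRegistration | Sort-Object Image | Format-Table -AutoSize
```

On a machine where nobody is debugging with Application Verifier, any row is worth investigating, especially one whose `Image` is a security product or whose DLL is unsigned or missing.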