Ransomware attackers introduce new EDR killer to their arsenal

Ransomware attackers introduce new EDR killer to their arsenal

dhruv2193 Offline

Senior Member

Posts: 443
Threads: 153
Thanks Received: 594 in 353 posts
Thanks Given: 912
Joined: 25 October 17

16 August 24, 14:10 (This post was last modified: 21 August 24, 11:21 by jasonX.)

Quote:Sophos analysts recently encountered a new EDR-killing utility being deployed by a criminal group who were trying to attack an organization with ransomware called RansomHub. While the ransomware attack ultimately was unsuccessful, the postmortem analysis of the attack revealed the existence of a new tool designed to terminate endpoint protection software. We are calling this tool EDRKillShifter.

Full Article_Source

RansomHub's New Malware EDRKillShifter

Additional Info HERE

The following 2 users say Thank You to dhruv2193 for this post:
• harlan4096, jasonX

Find

« Next Oldest | Next Newest »

View a Printable Version

Forum Jump:

Users browsing this thread: 1 Guest(s)

Welcome
You have to register before you can post on our site. Username/Email: Password: Remember me

Recent Posts
QOwnNotes
26.5.14 Fixed cha...Kool — 02:23
CrystalDiskInfo 9.9.1 [2026/05/23]
9.9.1 Improve...harlan4096 — 09:40
Vivaldi 8.0 Build 4033.34
Vivaldi 8.0 Build ...harlan4096 — 09:37
K-Lite Codec Pack 19.7.0 / 19.7.1 Update
Changes in 19.7.0:...harlan4096 — 07:19
Sophos Home for Windows 2025.2
Applies to: Sophos...harlan4096 — 07:15

Birthdays
Today's Birthdays
No birthdays today.
Upcoming Birthdays
(39)axuben
(40)ihijudu

Online Staff
There are no staff members currently online.

Login
Username/Email:
Password:	Lost Password?
	Remember me