Glassertje 0 Posted April 30 Share Posted April 30 Just now i saw on Reddit this article. ViperSoftX info-stealing malware now targets password managers Does Eset protects against ViperSoftX? I use Internet security. Link to comment Share on other sites More sharing options...
itman 1,627 Posted April 30 Share Posted April 30 (edited) Good question since the TrendMicro article states that the malware checks for; Quote Lastly, ViperSoftX checks for a few installed and active antivirus products, namely: Windows Defender ESET If all checks pass, the malware proceeds to decrypt the PowerShell code and starts downloading the main ViperSoftX routine. From there, the routine is its standard multistage download and execution routine. https://www.trendmicro.com/en_us/research/23/d/vipersoftx-updates-encryption-steals-data.html This implies it can bypass either. -EDIT- Also, the above statement is ambiguous. It could also mean that the malware won't run if either Eset or MD is installed. I checked a few IOCs here: https://www.trendmicro.com/content/dam/trendmicro/global/en/research/23/d/vipersoftx-updates-encryption-steals-data/IOCs_ViperSoftX-updates-encryption-steals-data.txt including the PowerShell script and Eset didn't detect any of them at VirusTotal. Edited April 30 by itman Link to comment Share on other sites More sharing options...
itman 1,627 Posted April 30 Share Posted April 30 Would have helped if I read the entire bleepingcomputer.com article first. The malware won't execute if Eset is installed; Quote Upon arrival, the malware also checks for specific virtualization and monitoring tools like VMWare or Process Monitor and antivirus products like Windows Defender and ESET before it proceeds with the infection routine. Link to comment Share on other sites More sharing options...
Glassertje 0 Posted April 30 Author Share Posted April 30 @itman Thank you for the link to Trentmicro. I read the article and it seems it comes in a crack/patch/keygen. I don't use these sort of things. So that's quite reassuring. I find it interesting that the malware don't proceed if only Eset or Defender is installed. Now it looks that no other AV package can detect/stop this malware. Not a long time ago i was using KeepassXC, but that did not feel good. So i switch to Bitwarden. Link to comment Share on other sites More sharing options...
el el amiril 0 Posted May 1 Share Posted May 1 following Link to comment Share on other sites More sharing options...
Recommended Posts