In a concerning development, a threat actor has put the source code of the AvEleminator software up for sale. AvEleminator appears to be a tool designed for malicious purposes: it aims to neutralize antivirus (AV), endpoint protection platform (EPP), and endpoint detection and response (EDR) security software, giving bad actors a means to bypass or disable such security measures.
AvEleminator operates through a chain of certified signed drivers and is intended to neutralize specific AV / EPP / EDR products. Cybercriminals could potentially use it to propagate malware or inflict harm upon systems.
List of Affected EDR, EPP, and AV Solutions
- Windows Defender
- NOD
- Apex One [Trend Micro]
- CrowdStrike Falcon
- Sentinel
- Sophos
- Avast
- Bitdefender
The sale of this source code underscores the importance of heightened vigilance and proactive security measures to mitigate the potential impact of such malicious tools.