Anti virus software can apparently be hijacked by devious cyber criminals
Windows PC users have been warned that their anti virus software may not be quite as secure as previously thought.
Researchers have discovered that anti-virus apps and services can be hijacked and turned into malware using a particularly nasty attack.
The attack, which affects some of the world’s leading anti-virus software services, can affect any computers running Windows 10, as well as past generations of Microsoft’s software.
The biggest cyber-attacks, hacks and data breaches Wed, March 15, 2017
From viruses to data breaches, cyber-crime is far from a modern invention – here is Express.co.uk's list of some of the biggest attacks in history.
Play slideshow GETTY 1 of 13
Google's Chinese operations were targeted in 2009
The attack, named DoubleAgent, was discovered by researchers at security firm Cybellum, which says it exploits a 15-year old vulnerability in Windows.
It targets Microsoft’s Application Verifier tool, which is used by developers to detect and fix and faults in their apps.
Attackers are able to inject their own code in to hijack Application Verifier, meaning they can use the tool for their own use, including gaining control over any antivirus software submitted for verification.
DoubleAgent was discovered by security firm Cybellum
Once complete, this could allow the hijackers to use a cracked version of antivirus software to upload their own malware to a victim’s PC.
As many antivirus programs are considered trusted entities, the hijacked programs would also be able to carry out a range of operations and simply bypass all existing security protection.
Get Quotes on Home Insurance
From there, the hackers could also simply scan the device for valuable information that can be stolen and sold on.
However as many antivirus programs are able to gain complete power over your entire PC in order to carry out through scans, the malware could even be used to easily encrypt all your files or even format your hard drives.
Cybellum says that the attack has been tested and proven on all the major antiviruses as well as of all versions of Microsoft Windows.
Leading antivirus products such as Avast, Trend Micro and McAfee were all affected, as well as offerings from the likes of Kaspersky, Malwarebytes and Norton.
Cybellum has reported its findings to all affected vendors, and says many are now currently working on finding a solution and releasing a patch.
However the flaw can affect all versions of Microsoft Windows, starting from Windows XP up to the latest version of Windows 10.