This is how they trick your antivirus into deleting important files

0
71

Having an antivirus is essential to maintain security when browsing the Internet. However, keep in mind that it is not infallible and hackers can find methods to attack. In fact, they could even trick antivirus into deleting important Windows files. In this article we are going to talk about how this can happen and what you should take into account to protect yourself as much as possible.

How they trick the antivirus to delete files

This is a discovery made by Or Yair. It is a method that allows you to trick the antivirus into deleting files that actually belong to the Windows system. Basically the discovery is that they can manipulate the detection and response of antivirus and act in an undesired way.

This flaw can be exploited through user accounts without the need to have administrator privileges. With that alone they could delete files from the system. This exploit could be used to delete files that are really important and cause the computer to not start or lose certain essential functions.

A malware of this type will have the clear objective of acting as a file destroyer and causing damage to the computer. It must be taken into account that an antivirus is a very useful tool to eliminate threats, but it can backfire if an attacker manages to exploit a vulnerability and make it delete files that are necessary.

What he did to prove his theory was to create a malicious file in a temporary directory that redirected to an important system file just as the antivirus detected the threat and removed it. To avoid the problem of the antivirus removing it immediately, what he did was to keep the file open. In this way, security programs re-requested access to remove it.

So what you basically needed was to create a malicious file on the system with a special path, keep it open so the antivirus can’t delete it, delete the directory, and create a link to point from the deleted directory to another.

Exclusion problem with Windows antivirus

Several vulnerable antiviruses

In total Or Yair tested 11 major antiviruses. 6 of them were vulnerable to this bug and here we can name some like Windows Defender or Avast. However, all these antiviruses have already released updates to correct the problem so that this cannot happen anymore and protect the systems correctly.

Therefore, our advice is to make sure you have the latest version of the antivirus. It doesn’t matter which one you have installed, as there can always be vulnerabilities that cause security to not be as good as it should be. Install any new version that there is and you must apply the same in any program or system that you use.

Now, you should know that security is not just having an antivirus. That is, even if you have the best installed, you could still be the victim of different attacks on the Internet. For example, they sneak a false link that is actually Phishing and steal your passwords. That is where common sense comes into play and knowing how to recognize false links.

In short, as you can see, they have detected a new trick that could eliminate important files from the system. It is essential that you use an antivirus, but it is also essential that it is updated to the latest version and thus avoid problems.

Previous articleImpersonating someone else or having a fake profile is now up to 1 year in jail
Next articleSpain will manufacture a new electric car at the Mercedes plant in Vitoria

LEAVE A REPLY

Please enter your comment!
Please enter your name here