Backdoor factory: Is Malware Hiding Inside your Applications?


Most users are allowed to have administrative privileges that enable them to download and install applications from the web. This makes it very easy for attackers to plant hidden malware and compromise devices. One of the tools used to do this is called Backdoor Factory, and the reason for its popularity is that it is able to maintain the size of the file while still keeping the full executable functionality.

The SentinelOne agent provides several ways of preventing and mitigating such attack flows, both on Windows and macOS. In this demo, you can see how the SentinelOne agent mitigates it pre-execution using version 2.1.
For this demo, we used Process Explorer (a Microsoft file) that was manipulated by Backdoor Factory to include malicious code.