A new sample of the GootKit malware family evaded detection from Windows Defender by setting a path exclusion.

According to Bleeping Computer, malware researcher and reverse engineer Vitali Kremez analyzed a new sample of GootKit malware and found that it came with a way to bypass Windows Defender.

The bypass began when the malware sample ran some code to determine whether Windows Defender was running on the infected machine. If it was, GootKit executed a command to create a registry value as part of a User Account Control (UAC) bypass. It then progressed through a sequence of commands in which it whitelisted the malware executable path, thereby effectively shielding the sample from Windows Defender.

Bleeping Computer noted that this bypass would work even if Microsoft began detecting this particular GootKit sample in the future, noting that the malware’s path would still be hidden from Windows Defender in future attacks.

Malware Evasion Techniques Are Trending

The GootKit sample detected by Kremez isn’t the only threat to use evasion-based tactics in recent months. In July, Bleeping Computer reported on a sample of the TrickBot banking Trojan family that arrived with 12 new modules designed to disable Windows Defender and Microsoft Defender APT. About a month later, FortiGuard Labs observed a new Ursnif sample hiding its API functions and encrypting most data in its main module. Then, in early September, Cofense detected a phishing campaign that used SharePoint to evade email perimeter technologies in its effort to prey on banks.

How to Defend Against GootKit Malware

Security professionals can help defend their organizations against GootKit malware by using a unified endpoint management (UEM) solution to monitor all devices for suspicious activity and take any necessary precautions. Companies should also consider investing in artificial intelligence (AI)-based technology to defend against attacks that use evasion and other tactics to bypass traditional security solutions.

More from

CEO, CIO or CFO: Who Should Your CISO Report To?

As we move deeper into a digitally dependent future, the growing concern of data breaches and other cyber threats has led to the rise of the Chief Information Security Officer (CISO). This position is essential in almost every company that relies on digital information. They are responsible for developing and implementing strategies to harden the organization's defenses against cyberattacks. However, while many organizations don't question the value of a CISO, there should be more debate over who this important role…

Malware-as-a-Service Flaunts Its Tally of Users and Victims

As time passes, the security landscape keeps getting stranger and scarier. How long did the “not if, but when” mentality towards cyberattacks last — a few years, maybe? Now, security pros think in terms of how often will their organization be attacked and at what cost. Or they consider how the difference between legitimate Software-as-a-Service (SaaS) brands and Malware-as-a-Service (MaaS) gangs keeps getting blurrier. MaaS operators provide web-based services, slick UX, tiered subscriptions, newsletters and Telegram channels that keep users…

How the Silk Road Affair Changed Law Enforcement

The Silk Road was the first modern dark web marketplace, an online place for anonymously buying and selling illegal products and services using Bitcoin. Ross Ulbricht created The Silk Road in 2011 and operated it until 2013 when the FBI shut it down. Its creator was eventually arrested and sentenced to life in prison. But in a plot twist right out of a spy novel, a cyber attacker stole thousands of bitcoins from Silk Road and hid them away. It…

Data Privacy: How the Growing Field of Regulations Impacts Businesses

The proposed rules over artificial intelligence (AI) in the European Union (EU) are a harbinger of things to come. Data privacy laws are becoming more complex and growing in number and relevance. So, businesses that seek to become — and stay — compliant must find a solution that can do more than just respond to current challenges. Take a look at upcoming trends when it comes to data privacy regulations and how to follow them. Today's AI Solutions On April…