A zero-day attack called Double Agent can take over antivirus software on Windows machines and turn it into malware that encrypts files for ransom, exfiltrates data or formats the hard drives.
Based on a 15-year-old feature in Windows from XP through Windows 10, the attack is effective against all 14 vendors’ antivirus products tested by security vendor Cybellum – and would also be effective against pretty much every other process running on the machines.
Double Agent was discovered by Cybellum researchers and has not been seen in the wild.
“The attack was reported to all the major vendors which approved the vulnerability and are currently working on finding a solution and releasing a patch,” according to a Cybellum blog. All the vendors were notified more than 90 days ago, which is the standard length of time for responsibly disclosing vulnerabilities and giving vendors time to fix them.
In this case two out of 14 antivirus vendors that have been notified have taken steps to deal with the problem – AVG and Malwarebytes, says Slava Bronfman Cybellum’s CEO. The other 12 that have been notified are Avast, Avira, Bitdefender, Trend Micro, Comodo, ESET, F-Secure, Kaspersky, McAfee, Panda, Quick Heal and Norton.
Bronfman says there’s no particular flaw with the antivirus platforms; the DLLs could be inserted into any process. Cybellum chose to attack them because they make an effective attack surface because they are trusted by other applications on the computers, including other security software.
“Antivirus is most important attack we could do,” he says. “If you attack an organization, not just consumer, you can get full control over the organization. No other security examines the antivirus. It will bypass all the huge stack of security products you might have.”
The workaround being used by AVG and Malwarebytes involves patching the antivirus software to look for any process trying to write to the antivirus registry and then block it, he says. “Antivirus is in the kernel with a driver that can see almost everything,” he says.
Meanwhile organizations might try increasing diligence about downloads to stop Double Agent from accessing machines.
Cybellum says that three years ago Microsoft provided a new design concept that antivirus vendors could use that is called Protected Process and is meant specifically to protect antivirus software. Vendors could write their platforms so they are considered protected processes that would only allow trusted, signed code to load on them. So the code would be protected from any code-injection attack, including Double Agent.
Double Agent takes advantage of a quirk of Microsoft Application Verifier, a tool that detects and fixes bugs in native applications. This is performed by something known as a “verifier provider DLL” that gets loaded into the applications at runtime.
Microsoft Application Verifier allows creating new verifier DLLs and registering them with a set of keys for it that get stored in the registry. “Once a DLL has been registered as a verifier provider DLL for a process, it would permanently be injected by the Windows Loader into the process every time the process starts, even after reboots/updates/reinstalls/patches/etc.,” Cybellum says. In other words, the DLL persists.
This vulnerability is actually an undocumented feature of Microsoft Application Verifier and part of the Windows Kernel, Bronfman says, so it’s unlikely to be removed anytime soon.
Bronfman says executing the attack could be done by someone with the skills of a script kiddie. The attack code can be downloaded directly from a malicious Web site or opening a malicious attachment, he says.