Windows Security Twisted to Block Security Tools
TrendMicro is reporting that bad guys in Japan are abusing Microsoft's security functionality, Software Restriction Policies, to disable security tools. The malware, termed BKDR_VAWTRAK, searches for commonly used security applications. If a security application is detected, the malware modifies the registry keys such that Software Restriction Policies will run the security software in a restricted state -- rendering it useless. The malware is distributed using malicious emails and compromised websites. This malware is being used to facilitate unauthorized banking transactions in Japan. Quoting TrendMicro, [The Japanese] National Police Agency mentioned that the current estimated total cost of unauthorized transactions suffered by [...]