Comment on SoupDealer Malware Bypasses Every Sandbox, AV's and EDR/XDR in Real-World Incidents

frongt@lemmy.zip 2 weeks ago

In live incidents, SoupDealer bypassed host‐based antivirus checks by confirming no security products were active before proceeding.

That’s a pretty narrow victim demographic. Windows has Defender enabled out of the box. I don’t see any investigation on the C2 connection, either, so I’m left wondering who the attacked and intended targets are.
