Microsoft Defender has been the default anti-virus program installed on Windows since Vista launched. However, it might not be able to protect users anymore. Malware disguised as a seemingly innocent NFT game reportedly compromised a user’s systems and gained access to their Google account, which was protected by two-factor authentication (2FA).
The incident came to light in September when a Reddit user posted on the r/CryptoCurrency subreddit warning against a trojan that stole over $24,000 from the user’s crypto accounts. Not only was the trojan able to gain access to their system, but it also installed a malicious Chrome extension disguised as Google Keep that could access every website visited, steal saved login data, and monitor anything copied and pasted within the browser.
SafetyDetectives tested the app, which is being distributed on a “typical NFT gaming website” that offers monetary rewards for playing the game. The test was run on an isolated virtual machine with Microsoft Defender, Bitdefender, and Malwarebytes.
Microsoft Defender was the first to fall. Despite the program running in the background, the malware could access the system and extract information without triggering any alarms. Bitdefender couldn’t block the malware’s installation immediately, but it stopped it from accessing critical information, including browsing history, cookies, and login credentials.
Malwarebytes was the most effective against the threat, blocking its installation and preventing the attack. However, despite Malwarebytes intervening before Bitdefender, neither of the security programs is inherently better at dealing with this type of malware. The victim did have Malwarebytes installed on their system, but they were using the free version, which doesn’t provide real-time protection. By the time the victim ran a scan, Malwarebytes could quarantine the malware from the rest of the system, but the damage had already been done.