Hackers Exploit Avast Driver to Dodge Security Tools

The malware leverages a legitimate Avast Anti-Rootkit driver, ‘aswArPot.sys’, dropped as ‘ntfs.bin’, to bypass security measures, giving it a stealthy channel for carrying out malicious activity without triggering alarms. It uses Service Control to incorporate a malicious kernel driver known as “aswArPot.sys,” which is derived from a genuine Avast …