21 Sep 2021

What is the Eicar Test File and How to Remove It

Summary

While its initial purpose was indeed noble, the Eicar test file has subsequently been hijacked and could be used by unscrupulous people to find security vulnerabilities on targeted Mac systems. Upon detecting such weaknesses, the threat actors could then decide to escalate the attack by exploiting the vulnerabilities to deliver malware payloads. The specific threats dropped onto the compromised device could include ransomware, backdoors, Trojans, spyware, crypto-miners, and more, depending on the goals of the attackers. Numerous distribution techniques exist specifically to mask the fact that an intruder application is being installed or downloaded to the system. As such, the Eicar test file might have been delivered through a corrupted pop-up advertisement that the user clicked on, or bundled alongside another, more desirable software product.

Source: Enigmasoftware
