Kudos0

HermeticWiper Malware

Norton vs. HermeticWiper Malware 

Replies

Kudos0

Re: HermeticWiper Malware

Does Norton protect against HermeticWiper Malware ?
Kudos0

Re: HermeticWiper Malware

Yes, Symantec/Broadcom which is the security engine and data provider has detected the first variant of this malware in November 2021. 

There is a detailed article here:

https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence...

According to AV-Comparatives, all major business and consumer products protect against variants of Hermetic Wiper:

https://www.av-comparatives.org/av-comparatives-tests-anti-virus-softwar...

However, due to the nature of the attack (state-sponsored), you are unlikely to be affected by it, unless you work for a government or other organisation located in one of the affected countries.

Because part of the payload consists of executable *.exe file, Norton would stop the attack by reputation before it has become familiar. Problem would be if the attack is completely fileless (from a malicious document to the RAM directly). In that case many antivirus technologies would be bypassed, but features such as SONAR and Scripts Control would still be able to prevent it. In addition, malicious websites related to the attack might be blocked by Safe Web.

It looks like the creators weren't smart enough to go the fileless road though. Good thing they didn't study Aggah/Hagga attacks prior to their development.

This thread is closed from further comment. Please visit the forum to start a new thread.