While the attack vector is completely obvious when you think about it, the gumption to do it is novel. Of course this is the best way to exfiltrate data, it's on a blessed path and no one will really bat an eye. Let's see how corporate-mandated anti virus deal with this!

▲

uzy777 5 days ago | parent [-]

How can an antivirus even prevent this?

	▲	panki27 5 days ago \| parent \| next [-]
		Just needs to prevent the system from booting, like CrowdStrike did
	▲	nickstinemates 5 days ago \| parent \| prev [-]
		It can't