A new analysis of endpoint detection and response (EDR) killers has revealed that 54 of them leverage a technique known as bring your own vulnerable driver (BYOVD) by abusing a total of 34 vulnerable drivers. EDR killer programs have been a common presence in ransomware intrusions as they offer a way for affiliates to neutralize security software before deploying file-encrypting malware. This
![]()
source https://thehackernews.com/2026/03/54-edr-killers-use-byovd-to-exploit-34.html
source https://thehackernews.com/2026/03/54-edr-killers-use-byovd-to-exploit-34.html