I kinda wonder if Microsoft should modify its APIs to pretend to have a random subset of common reverse-engineering tools always present.

hoffmanlabs@infosec.exchange

I kinda wonder if Microsoft should modify its APIs to pretend to have a random subset of common reverse-engineering tools always present.

Or to modify Defender to detect queries looking for these tools.

Dissecting CrashFix: KongTuke's New Toy | Huntress

Fake ad blocker crashes your browser, then offers a "fix." Go inside KongTuke's CrashFix campaign, from malicious extension to ModeloRAT for VIP targets.

Huntress (www.huntress.com)