AUSTIN, Texas, Sept. 29, 2022 /PRNewswire/ -- Halcyon, the first endpoint resilience platform built to stop ransomware, today announced that it had prevented a ransomware attack from occurring at a US-based insurance provider. Within 30 days of deploying the Halcyon platform, Halcyon detected and stopped a threat that bypassed the customer's own instance of a market leading EDR (Endpoint Detection and Response). The specific malicious variant uncovered during the deployment was the well-known trojan Emotet, which is typically used during the first stage of a ransomware campaign. Emotet has infected over 1.6 million victim computers worldwide and is responsible for hundreds of millions of dollars in damage.
"All security products are bypassed daily by ransomware which is why the exponential growth of cybercrime continues unabated," said Jon Miller, CEO and Co-Founder of Halcyon. "During the first month of the Halcyon platform being deployed on our customer's network, we uncovered a loader of Emotet that was completely missed by three market leading EDR/XDR vendors. In fact, as of 9/20/2022 at 9:00 AM more than half of the endpoint vendors still do not see this loader as malicious. This is further justification that even with the latest and greatest EDR/XDRs, security teams should still deploy an additional layer of anti-ransomware protection like the Halcyon platform to prevent catastrophic damage to their organization."
Halcyon was able to stop this threat from impacting its customer's ability to operate by stopping it at the stage one dropper phase of the attack. Emotet is commonly used to first gain a foothold on a target system without triggering security products then dropping or loading additional malicious code. Emotet has been dubbed one the most prevalent threats of the decade and despite the operator network being disrupted in early 2021, it is still impacting victims in 2022.
"Emotet is a nasty threat that has morphed over the years from a simple banking trojan to a loader and then to a global botnet with access to infected networks sold for pennies on the dollar," said David Bonvillain, SVP, Field Engineering at Halcyon. "We are glad to have prevented this from infecting our customer's 7,000+ endpoints as it could have been used as a launching pad into thousands of additional organizations and as an initial stage of a ransomware compromise. While this sample is not a 0-day, the customer's existing EPP/XDR did not catch it, showing that additional layers of defense and resilience can add immediate value."
Halcyon will provide the full technical details of this threat in a future blog post available on www.halcyon.ai. To get a demonstration of the Halcyon platform and get more information about the company, visit our website.
Halcyon, the endpoint resilience company, has pioneered a new approach to preventing ransomware from disrupting businesses and organizations of all sizes. Built from the ground-up on an AI-micro model foundation, the Halcyon platform offers multi-layered protection against ransomware attacks and the ability to recover encryption keys in the case of complete system compromise. Designed to cover the gap left by existing security tools, Halcyon offers a lightweight and conflict-free agent that works alongside the most popular endpoint products to offer enhanced protection against ransomware.
Learn more: www.halcyon.ai
Follow Us: LinkedIn
Contact:
Ryan Golden
CMO
[email protected]
SOURCE Halcyon
WANT YOUR COMPANY'S NEWS FEATURED ON PRNEWSWIRE.COM?
Newsrooms &
Influencers
Digital Media
Outlets
Journalists
Opted In
Share this article