Success Story: Malwarebytes delivers fast response and remediation for “invisible” malware to campuses and students

A Christian College created a malware-free curriculum by using Malwarebytes Endpoint Protection advanced threat prevention solutions.

Waverley Christian College provides 1,900 students in Victoria, Australia with a quality Christian education experience. A fileless malspam attack made it clear that the previous antivirus solution wasn’t up to the test, so the Christian College turned to Malwarebytes.

What they wanted to do

Detect and prevent malware from being deployed on College systems

What they did

Deployed Malwarebytes Endpoint Protection using education licensing

What they achieved

Identified and remediated new, previously unknown fileless malware within a few hours

Rapidly deployed advanced, multi-vector protection

Gained protection across all systems—online and offline

Challenge

With 2100 endpoints across two campuses, the 6-person Waverley Christian College ICT team has an extensive cyberattack surface to defend. All was going well until a previously unknown malware payload was deployed on several staff systems, which caused the machines to exhibit intermittent problems.

The team saw the spam email arrive; however, several College staff members had already responded to the email and unknowingly installed the malicious payload.

Although their previous antivirus detected a malicious email payload, it couldn’t identify or clean it up. The ICT team removed systems from the network to prevent the threat from moving laterally to other systems. They activated Microsoft AppLocker as an extra control to stop unapproved applications and scripts from being executed. But the malware remained invisible. The team searched the Internet to learn more about the malware. During their search, they came across Malwarebytes Endpoint Protection with Multi-Vector Protection and integrated remediation capabilities.

Solution

The Malwarebytes team first scanned the affected systems and found…nothing. That meant the threat was a type of fileless malware, so they retrieved Farbar Recovery Scan Tool (FRST) logs and registry information from the affected Windows systems. This data revealed a new, unknown variant of EMOTET, a banking trojan, which leveraged a fileless PowerShell script and DLL library to hide in the system registry. Unchecked, EMOTET can steal passwords and administrator credentials, email itself to address book contacts, and copy itself across the network via shared folders.

Now the Malwarebytes Research team had what they needed to quickly create and publish a new detection rule that addressed this zero-day threat. Within hours, Waverley Christian College and Malwarebytes customers worldwide could surgically target and clean this EMOTET trojan infection. The team also found the ability to site-license the product for their two campuses made their decision a lot easier. Waverley Christian College replaced the previous antivirus with Malwarebytes Endpoint Protection.

Benefits

Fast speed-to-protection

In 12 days, Waverley Christian College had tried, chosen, and deployed Malwarebytes across its two campuses. The ICT team used Microsoft System Center Management to push out Malwarebytes to its endpoint systems. The software was deployed and protecting users within three hours.

Better protection performance

Since adopting Malwarebytes, the College has protected users and systems against a wide range of PUPs, malware, malicious websites, and malspam. The College considered Microsoft ATP to defend Office 365 email, but chose Malwarebytes for broader protection. Malwarebytes defends against threats that are activated when malicious links and file attachments are launched, as well as threats arriving from non-Microsoft email domains such as Gmail and Hotmail.

At-a-glance visibility

Malwarebytes makes it easy for the ICT team to stay apprised of potential threats. The Malwarebytes Endpoint Protection cloud console provides an instant overview of College systems and their cyber-health status. The easy-to-use console enables anyone on the team to gain visibility into specific threats, and alerts notify the team of anything requiring immediate attention.
