Showing posts from April, 2026

Ransomware Gangs Are Silently Killing Your Security Tools – The Rise of EDR Killers & PowerShell Attacks

🧠 Introduction (Human-Friendly)

Cybercriminals are evolving fast. Instead of directly attacking systems, modern ransomware gangs are now disabling your security tools first — and then launching the real attack.

A dangerous trend has emerged where attackers trick users into running PowerShell as Administrator and pasting malicious code. At the same time, ransomware gangs are heavily using EDR Killers — tools designed to shut down security solutions before encryption begins.

📌 Attack Summary (Simple Explanation)

- Attackers trick users into opening PowerShell with admin rights
- Victims are socially engineered to paste malicious scripts
- Scripts silently:
  - Disable antivirus/EDR tools
  - Download payloads
  - Establish persistence
- Ransomware is deployed after security defenses are removed

👉 Meanwhile, ransomware gangs are also using EDR Killers:

- Tools that terminate or bypass security software
- Often use vulnerable drivers (BYOVD technique)
- Allow attackers to operate un...