Scarecrow, a software that pretends to have multiple security analysis tools to avoid installing malware



Many people have installed security software such as

Norton or Virus Buster when using a PC. Scarecrow , created by a group of cybersecurity researchers based in the UK, is not a security software, but when executed, it has the effect of making it look like there is a security analysis tool that makes malware hesitate to launch.

Cyber Scarecrow
https://www.cyberscarecrow.com/



When a hacker installs malicious software on a user's PC, they first check that the software is safe to run, and if they see that the software has security analysis and anti-malware tools, users are more likely to avoid installing the malicious software.

So a group of cybersecurity researchers have built and shared a piece of software called Scarecrow that disguises the presence of a security analysis tool, to discourage hackers from launching malware.

The Scarecrow download page is below.

Cyber Scarecrow

https://www.cyberscarecrow.com/download

Enter your name and email address and click 'Get Scarecrow.' The site notes that the information you enter will not be shared or used to send spam.



When you click 'Get Scarecrow', a 69.3MB executable file will be downloaded, so launch the file.

When the Scarecrow installer starts, check 'I agree to the license terms and conditions' and click 'Install.'



After a while, the installation will be completed. Click 'Close' to close the installer.



A Scarecrow icon appeared in the Windows notification area.



Scarecraw does not require any configuration to work. Right-clicking on the icon opens a settings screen where you can see the signal of the fake software running in the background and click 'Stop' to end the program.



According to the developer, Scarecrow creates signals that make it appear as if virtualization tools such as 'ProcessHacker', 'x64dbg', 'tcpview', 'proc_analyzer', 'vboxservice', 'qemu-ga', debugging tools, and general security analysis tools are installed, and if malware that is hesitant to invade is found, it will remove it. Registry entries are also created to make it appear as if various tools are installed.

Regarding Scarecrow's requirements, the developer states, 'Scarecrow is an ultra-lightweight software, so the performance requirements are very low, but it requires 64-bit Windows 10 or later.'

Regarding how Scarecrow was developed, the developer said, 'The idea for Scarecrow came from a report by a security expert who reverse-engineered how malware works. Before installing itself on a target PC, the malware checks various indicators on the PC to ensure that it is not being run on a security researcher's machine or in a hostile environment. That's where Scarecrow was born.'

Scarecrow is available for Windows 10 and Windows 11, and may be available for macOS in the future.

in Review,   Software,   Security, Posted by log1r_ut