EDR killers explained: Beyond the drivers
ID: 98d6b274-00da-59db-8074-1f9f5be6a235
STIX ID: report--98d6b274-00da-59db-8074-1f9f5be6a235
Feed Name: WeLiveSecurity (ESET Research)
ESET Research examines the widespread use of almost 90 "EDR killers" in modern ransomware operations, describing how affiliates use vulnerable drivers (BYOVD), anti-rootkits, scripts, and emerging driverless tools to disable EDR/AV prior to encryption. The report includes threat actor examples, commercialization trends, IoCs (file hashes and vulnerable drivers), and MITRE ATT&CK mappings, and it recommends multilayered defenses beyond simple driver blocking.
