Publicly-reported instances of Indicator Removal bypassing endpoint security products. Maintained on the same basis for every technique in the Index.
| Product | Entries | High-confidence | Most recent |
|---|---|---|---|
| Kaspersky | 2 | 2 | 2024-04-22 |
| Microsoft | 2 | 2 | 2024-04-22 |
| Avast | 1 | 1 | 2023-08-11 |
| AVG | 1 | 1 | 2023-08-11 |
| Palo Alto Networks | 1 | 1 | 2026-03-17 |
| Trend Micro | 1 | 1 | 2023-08-11 |
| Product | Confidence | Disclosed | Source | |
|---|---|---|---|---|
| Palo Alto Networks | high | 2026-03-17 | gbhackers.com | record → |
| Kaspersky | high | 2024-04-22 | winbuzzer.com | record → |
| Microsoft | high | 2024-04-22 | winbuzzer.com | record → |
| Kaspersky | high | 2023-08-11 | www.safebreach.com | record → |
| AVG | high | 2023-08-11 | www.safebreach.com | record → |
| Avast | high | 2023-08-11 | www.safebreach.com | record → |
| Trend Micro | high | 2023-08-11 | www.safebreach.com | record → |
| Microsoft | high | 2023-08-11 | www.safebreach.com | record → |
Counts reflect distinct publicly-reported events on record; absence of an entry means no confirmed public report is on file.