
Dragon Boss Malware: Mass Antivirus Disablement via Signed Payloads


The cybersecurity landscape of 2026 has been defined by a terrifying paradox: the very mechanisms designed to guarantee software integrity are now being used to dismantle it. On April 16, 2026, the digital world woke up to the realization that the “Dragon Boss” operation had successfully breached the perimeter of over 23,000 endpoints worldwide. This was not a brute-force breach or a zero-day exploit in the traditional sense; it was a subversion of trust. By leveraging digitally signed payloads, the Dragon Boss malware turned legitimate code-signing infrastructure into a Trojan horse, systematically blinding security teams before they even realized a battle had begun.

The scale of the “Dragon Boss” operation is unprecedented for a campaign that hides behind the facade of “Potentially Unwanted Programs” (PUPs). What initially appeared to be aggressive adware—distributed under the banner of Dragon Boss Solutions LLC—evolved into a high-precision weapon capable of neutralizing the industry’s most robust endpoint protection platforms (EPP). With infections spanning 124 countries and high-value targets ranging from Fortune 500 boardrooms to critical utility grids, the campaign marks a pivotal shift in how modern threat actors bypass the “Circle of Trust.”

The Architecture of Deception: How Dragon Boss Malware Abuses Trust

The core of the “Dragon Boss” threat lies in its use of valid digital signatures. Historically, security software and operating systems have relied on certificates as a “hall pass.” If a file is signed by a known publisher, it is often subjected to less rigorous inspection. The Dragon Boss malware exploited this systemic vulnerability by using certificates issued to “Dragon Boss Solutions LLC”—a shell company masquerading as a search monetization research firm. By presenting a “clean” identity, the initial droppers were able to bypass signature-based detection and execute with SYSTEM-level privileges.

The operation primarily targeted systems through what appeared to be harmless, albeit annoying, custom browsers such as Chromstera, Chromnius, and Web Genius. These applications were built using the legitimate Advanced Installer framework. This choice was deliberate: Advanced Installer includes a robust, built-in update mechanism that administrators and security tools typically allow to run autonomously. By hijacking this update workflow, the attackers could push “AV-killing” payloads to thousands of machines simultaneously, effectively turning a legitimate software update into a massive de-provisioning event for security software.

Technical Deep Dive: The Rust-Compiled Dropper

The primary delivery vehicle for the Dragon Boss operation was a sophisticated dropper compiled in Rust. In 2026, Rust has become the language of choice for elite malware authors due to its memory safety features and the inherent difficulty it poses for reverse engineering. Unlike traditional C++ binaries, Rust-compiled Dragon Boss malware components are often statically linked, resulting in large, complex files that hide malicious logic amidst thousands of legitimate library functions.

This Rust dropper was designed for one purpose: reconnaissance and neutralization. Upon execution, the dropper performs a series of “pre-flight” checks to ensure it is not running in a sandbox or a virtual machine (VM). If the environment is deemed “safe,” it proceeds to identify the specific endpoint protection installed on the host. The dropper does not just look for Windows Defender; it specifically targets enterprise-grade solutions including:

  • Malwarebytes
  • Kaspersky
  • McAfee
  • ESET
  • CrowdStrike Falcon

The ClockRemoval.ps1 Execution

Once the target antivirus is identified, the dropper deploys a PowerShell payload known as ClockRemoval.ps1. This script is a masterclass in scorched-earth security removal. Running with elevated SYSTEM privileges, it executes a “tight polling loop” that attempts to kill security processes every 100 milliseconds. This ensures that even if a security service attempts to restart, it is terminated before it can initialize its detection engines. Furthermore, the script modifies the Windows Registry to strip out service entries and uses native vendor uninstallers—run silently—to remove the security software from the system entirely.
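The 100 millisecond kill loop described above is a behaviour rather than a signature, which is what makes it detectable even though the script runs as SYSTEM and the dropper that launched it is validly signed. The following is an added example, not code from the article or from any vendor, of rate-based detection over a process-termination audit stream: it counts how many security-product processes a single actor terminates inside a sliding window and raises a finding once that count crosses a threshold. The pipe-delimited log format, the field names and the set of product image names are assumptions, and the sample log is constructed.

```python
"""Rate-based detection of a "tight polling loop" that repeatedly terminates
security processes.  Added example, not the article's or a vendor's code.
The pipe-delimited audit format and the product image names are assumptions."""
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Image names of endpoint-protection services (illustrative set, not an
# authoritative list of every product the article names).
SECURITY_PROCESSES = {
    "msmpeng.exe", "mbamservice.exe", "avp.exe", "mcshield.exe",
    "ekrn.exe", "csfalconservice.exe",
}


def parse_event(line):
    """Parse 'ISO_TIMESTAMP|actor_pid|actor_image|action|target_image'."""
    ts, actor_pid, actor_image, action, target = line.strip().split("|")
    return {
        "ts": datetime.fromisoformat(ts),
        "actor_pid": int(actor_pid),
        "actor_image": actor_image.lower(),
        "action": action,
        "target": target.lower(),
    }


def detect_kill_loops(lines, window=timedelta(seconds=2), threshold=5):
    """Flag every actor that terminates security processes at least
    `threshold` times inside any `window`.  Returns a dict mapping
    (actor_pid, actor_image) to the peak number of kills seen in one window."""
    events = sorted((parse_event(ln) for ln in lines), key=lambda e: e["ts"])
    recent = defaultdict(deque)  # per-actor timestamps of security-process kills
    peaks = {}
    for ev in events:
        if ev["action"] != "TerminateProcess" or ev["target"] not in SECURITY_PROCESSES:
            continue
        key = (ev["actor_pid"], ev["actor_image"])
        q = recent[key]
        q.append(ev["ts"])
        while ev["ts"] - q[0] > window:  # slide the window forward
            q.popleft()
        if len(q) >= threshold:
            peaks[key] = max(peaks.get(key, 0), len(q))
    return peaks


# Constructed sample: one PowerShell process killing Defender every 100 ms
# (plus one Malwarebytes kill), a single manual kill from Task Manager, and
# an unrelated termination that is not a security product.
SAMPLE_LOG = [
    f"2026-04-16T09:00:00.{ms:03d}|4242|powershell.exe|TerminateProcess|MsMpEng.exe"
    for ms in range(0, 800, 100)
] + [
    "2026-04-16T09:00:00.350|4242|powershell.exe|TerminateProcess|MBAMService.exe",
    "2026-04-16T09:05:12.000|1337|taskmgr.exe|TerminateProcess|MsMpEng.exe",
    "2026-04-16T09:05:13.000|2001|explorer.exe|TerminateProcess|notepad.exe",
]

if __name__ == "__main__":
    for (pid, image), count in detect_kill_loops(SAMPLE_LOG).items():
        print(f"ALERT: {image} (pid {pid}) killed security processes {count}x within 2s")
```

The threshold and window are tuning knobs: a single kill from Task Manager never fires, while a loop at the 100 ms cadence the article describes crosses five kills in half a second. Because the rule keys on the acting process rather than on a hash or a signer, it still fires when the payload is repackaged or re-signed.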

Persistence and the Blinding of Windows Defender

The Dragon Boss malware does not rely on simple registry keys for persistence. Instead, it utilizes Windows Management Instrumentation (WMI) event subscriptions and a suite of five specific scheduled tasks. These tasks—named ClockSetupWmiAtBoot, DisableClockServicesFirst, DisableClockAtStartup, RemoveClockAtLogon, and RemoveClockPeriodic—ensure that the system remains unprotected even after a reboot. If an IT administrator attempts to reinstall security software, the periodic task (running every 30 minutes) will simply uninstall it again.

To ensure that Microsoft’s built-in protections do not interfere, the malware programmatically adds exclusions to Windows Defender. It carves out protected “safe zones” in directories like D:\Google, E:\Microsoft, and D:\Dapps. These directories serve as staging areas for the second-stage payloads, allowing them to reside on the disk without ever being scanned by the real-time protection engine.

Perhaps the most insidious move in the Dragon Boss playbook is the poisoning of the hosts file. The malware redirects the update domains of major AV vendors (e.g., updates.kaspersky.com) to 0.0.0.0. This effectively severs the communication between the infected host and the security vendor’s cloud, preventing the endpoint from receiving the very signatures that could detect the “Dragon Boss” threat.

The Secondary Payload: Vidar Stealer 2.0

With the “armor” of the endpoint removed, the Dragon Boss malware pivots to its true objective: the exfiltration of high-value data. Research indicates that the primary second-stage payload in the April 2026 campaign is Vidar Stealer 2.0. This evolved version of the notorious infostealer is designed for the modern era of decentralized finance and cloud-based identity.

Vidar 2.0 features enhanced capabilities for harvesting:

  • Active Session Tokens: Bypassing Multi-Factor Authentication (MFA) by stealing active browser cookies for services like Azure, AWS, and Google Workspace.
  • Cryptocurrency Wallets: Scanning for local wallet files (e.g., wallet.dat) and browser-based extensions like MetaMask and Phantom.
  • Credential Databases: Extracting saved passwords from Chrome, Edge, and Firefox.
  • Telegram and Discord Sessions: Allowing attackers to hijack communications for lateral movement or social engineering.

By using Telegram and Steam profiles for Command and Control (C2) obfuscation, Vidar 2.0 hides its exfiltration traffic within legitimate HTTPS requests to trusted domains, making it nearly impossible to detect at the network level once the local AV has been disabled.

A Global Impact: 23,000 Endpoints and Counting

The victimology of the Dragon Boss campaign reveals a calculated approach to targeting. While many infections were found in consumer environments (often via users searching for “free game cheats” or “ad-free browsers”), a significant percentage of the 23,565 confirmed infections were located within high-value sectors. The geographic distribution shows a heavy concentration in the United States (53.9%), followed by France (11.9%) and Canada (10.1%).

More alarming are the specific organizations affected:

  1. Academic Institutions: 221 universities and colleges were compromised, likely as a gateway to sensitive research data.
  2. Critical Infrastructure: 41 operational technology (OT) networks related to electric utilities and transport sectors showed signs of the AV-killer script.
  3. Government Entities: 35 municipal and state agencies were found to have active Dragon Boss persistence mechanisms.
  4. Fortune 500 Companies: Multiple global corporations had endpoints “blinded” by the signed update mechanism.

The $10 Supply Chain Risk

One of the most shocking revelations of the Dragon Boss malware investigation is the sheer negligence of the attackers regarding their own infrastructure. Researchers at Huntress discovered that the primary update domain used by the malware—chromsterabrowser[.]com—had not been registered. For a mere $10, any threat actor could have purchased that domain and gained the ability to push their own malicious payloads to the entire 23,000-host botnet.

This highlights a “supply chain within a supply chain” risk. The Dragon Boss operators built the infrastructure to disable security, but their failure to secure their own C2 domains meant that the infected hosts were essentially “open doors” waiting for the highest bidder. Fortunately, security researchers registered the domains first and “sinkholed” the traffic, preventing a potentially catastrophic escalation into a global ransomware event.

Mitigation and the Future of Trust-Based Security

The “Dragon Boss” operation serves as a grim reminder that digital signatures are not a proxy for safety. As we move further into 2026, organizations must move toward a “Zero Trust” model even for signed software. Relying on publisher reputation is no longer sufficient when threat actors can easily acquire certificates or compromise the build pipelines of legitimate software providers.

Key defensive strategies include:

  • WMI Monitoring: Security teams should hunt for WMI event subscriptions containing terms like “MbRemoval” or “MbSetup.”
  • Process Auditing: Monitoring for the --simulate-outdated-no-au flag in browser processes, which is a hallmark of the Dragon Boss Chrome bypass.
  • Host File Integrity: Implementing file integrity monitoring (FIM) on the Windows hosts file to detect unauthorized redirects.
  • Behavioral Analysis over Signatures: EDR tools must be configured to alert on the *behavior* of an application (e.g., attempting to kill an AV process) regardless of whether the binary is signed.
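The list above, together with the scheduled task names, the Defender exclusion directories and the hosts-file redirects described earlier, gives a concrete set of host artefacts to hunt for. Below is an added example, not the article's or any vendor's tooling, that runs those checks over a snapshot of a single host and returns one finding per matching artefact. The snapshot layout is an assumption, intended to be filled from Get-ScheduledTask, the root\subscription WMI namespace, Get-MpPreference, the hosts file and a process listing; the sample snapshot is constructed.

```python
"""Hunt for the Dragon Boss persistence and blinding artefacts the article
lists.  Added example, not the article's or a vendor's code.  The snapshot
dict layout is an assumption; the sample snapshot is constructed."""
import re

# The five scheduled task names named in the article.
KNOWN_TASKS = {
    "ClockSetupWmiAtBoot", "DisableClockServicesFirst", "DisableClockAtStartup",
    "RemoveClockAtLogon", "RemoveClockPeriodic",
}
# Terms to look for in WMI event subscription names.
WMI_TERMS = ("mbremoval", "mbsetup")
# Defender exclusion directories used as staging areas (compared lower-case).
STAGING_DIRS = {"d:\\google", "e:\\microsoft", "d:\\dapps"}
# Vendor name fragments whose update domains should never be sinkholed locally
# (illustrative list, not exhaustive).
AV_DOMAIN_PATTERN = re.compile(
    r"\b(kaspersky|malwarebytes|mcafee|eset|crowdstrike|windowsupdate)\b",
    re.IGNORECASE)
BLACKHOLE_IPS = {"0.0.0.0", "127.0.0.1", "::1"}
# Browser command-line flag the article calls a hallmark of the Chrome bypass.
BROWSER_FLAG = "--simulate-outdated-no-au"


def check_hosts_file(text):
    """Return (ip, hostname) pairs that redirect a security-vendor domain to a
    black-hole address.  Comments after '#' are ignored, as the resolver does."""
    hits = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        parts = line.split()
        ip, names = parts[0], parts[1:]
        if ip in BLACKHOLE_IPS:
            for name in names:
                if AV_DOMAIN_PATTERN.search(name):
                    hits.append((ip, name))
    return hits


def hunt(snapshot):
    """Run every artefact check over one host snapshot.  Returns a list of
    (category, detail) tuples; an empty list means nothing matched."""
    findings = []
    for task in snapshot.get("scheduled_tasks", []):
        if task in KNOWN_TASKS:
            findings.append(("scheduled_task", task))
    for name in snapshot.get("wmi_subscriptions", []):
        if any(term in name.lower() for term in WMI_TERMS):
            findings.append(("wmi_subscription", name))
    for path in snapshot.get("defender_exclusions", []):
        if path.lower().rstrip("\\") in STAGING_DIRS:
            findings.append(("defender_exclusion", path))
    for ip, name in check_hosts_file(snapshot.get("hosts_file", "")):
        findings.append(("hosts_redirect", f"{ip} {name}"))
    for cmdline in snapshot.get("process_cmdlines", []):
        if BROWSER_FLAG in cmdline:
            findings.append(("browser_flag", cmdline))
    return findings


# Constructed snapshot mixing benign entries with the article's indicators.
SAMPLE_SNAPSHOT = {
    "scheduled_tasks": ["MicrosoftEdgeUpdateTaskMachineCore",
                        "RemoveClockPeriodic", "DisableClockAtStartup"],
    "wmi_subscriptions": ["SCM Event Log Filter", "MbRemovalFilter"],
    "defender_exclusions": ["D:\\Google\\", "C:\\Program Files\\Backup"],
    "hosts_file": ("# constructed hosts file\n"
                   "127.0.0.1 localhost\n"
                   "0.0.0.0 updates.kaspersky.com\n"
                   "0.0.0.0 data.malwarebytes.com # blinded\n"),
    "process_cmdlines": [
        '"C:\\Program Files\\Chromstera\\chromstera.exe" --simulate-outdated-no-au',
        '"C:\\Windows\\explorer.exe"',
    ],
}

if __name__ == "__main__":
    for category, detail in hunt(SAMPLE_SNAPSHOT):
        print(f"[{category}] {detail}")
```

Each check is deliberately independent, so a host that has already been partially cleaned (tasks removed but hosts file still poisoned) still produces a finding, and the hosts-file check doubles as the integrity rule for the FIM bullet above: any line that maps a vendor domain to 0.0.0.0 or loopback is unauthorized regardless of how it got there.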

The Dragon Boss malware has proven that the “Dragon” is not at the gate—it is already inside, holding a valid ID card. Only by dismantling the blind trust we place in certificates and signed updates can we hope to secure the endpoints of tomorrow.


Written by

TempMail Ninja

Digital privacy and online security expert. Passionate about creating tools that protect users' identity on the internet.