Gentlemen ransomware uses GentleKiller to disable security software (opens in new tab)

The Gentlemen ransomware-as-a-service group is deploying a specialized suite of tools designed to disable endpoint detection and response (EDR) software. The primary utility, dubbed GentleKiller, exists in at least eight variants that impersonate legitimate security products like Kaspersky and WatchDog. These tools aim to neutralize defenses early in an attack to ensure that data exfiltration and encryption proceed without interference. <a href="