Riskware/NDAoF

description-logoAnalysis

Riskware/NDAoF is a generic detection for a riskware, this is synonymous to Generic PUA or Generic PUP. Since this is a generic detection, riskware that are detected as Riskware/NDAoF may have varying behaviour.
Below are some of its observed characteristics/behaviours:

  • Samples detected as Riskware/NDAoF are considered a "None Desireable Application or File", to which our internal systems have heuristically/behaviourally/thru automation, identified as such and is classified as greyware.
  • The unwanted behavior of these files may vary from potentially compromising or weakening a user's security, slowing down a user's CPU by consuming computing resources, to modifying web browser settings without adequate consent.
  • Some files detected as Riskware/NDAoF may include crypto miners, monitoring software, or unnecessary web extensions.

recommended-action-logoRecommended Action

  • Make sure that your FortiGate/FortiClient system is using the latest AV database.
  • Quarantine/delete files that are detected and replace infected files with clean backup copies.

Telemetry logoTelemetry

Detection Availability

FortiGate
FortiClient
FortiAPS
FortiAPU
FortiMail
FortiSandbox
FortiWeb
Web Application Firewall
FortiIsolator
FortiDeceptor
FortiEDR

Version Updates

Date Version Detail
2024-03-18 92.02573
2024-03-18 92.02571
2024-03-18 92.02564
2024-03-18 92.02562
2024-03-18 92.02560
2024-03-17 92.02547
2024-03-17 92.02542
2024-03-17 92.02540
2024-03-17 92.02534
2024-03-17 92.02526