Threat Encyclopedia

Riskware/NDAoF

description-logoAnalysis

Riskware/NDAoF is a generic detection for a riskware, this is synonymous to Generic PUA or Generic PUP. Since this is a generic detection, riskware that are detected as Riskware/NDAoF may have varying behaviour.
Below are some of its observed characteristics/behaviours:

  • Samples detected as Riskware/NDAoF are considered a "None Desireable Application or File", to which our internal systems have heuristically/behaviourally/thru automation, identified as such and is classified as greyware.
  • The unwanted behavior of these files may vary from potentially compromising or weakening a user's security, slowing down a user's CPU by consuming computing resources, to modifying web browser settings without adequate consent.
  • Some files detected as Riskware/NDAoF may include crypto miners, monitoring software, or unnecessary web extensions.

recommended-action-logoRecommended Action

  • Make sure that your FortiGate/FortiClient system is using the latest AV database.
  • Quarantine/delete files that are detected and replace infected files with clean backup copies.