Riskware/NDAoF is a generic detection for a riskware, this is synonymous to Generic PUA or Generic PUP.
Since this is a generic detection, riskware that are detected as Riskware/NDAoF may have varying behaviour.
Below are some of its observed characteristics/behaviours:
- Samples detected as Riskware/NDAoF are considered a "None Desireable Application or File", to which our internal systems have heuristically/behaviourally/thru automation, identified as such and is classified as greyware.
- The unwanted behavior of these files may vary from potentially compromising or weakening a user's security, slowing down a user's CPU by consuming computing resources, to modifying web browser settings without adequate consent.
- Some files detected as Riskware/NDAoF may include crypto miners, monitoring software, or unnecessary web extensions.
- Make sure that your FortiGate/FortiClient system is using the latest AV database.
- Quarantine/delete files that are detected and replace infected files with clean backup copies.