• Car@lemmy.dbzer0.com
    2 months ago

    I would not say

    any self-respecting malware writer will download [powertools] and…

    I’m not as familiar with mass-market malware, but APT-level gear generally doesn’t try to make use of such easily observed events. The more network traffic malware appropriates, the greater the probability that it’s caught.

    Simply put, Powertools puts several functions within arm’s reach for malware looking to stay under the radar. Without it, malware needs to bring more of its own code, which increases footprint. Living-off-the-land exploits in particular love the presence of these kinds of programs.