The researchers notified these companies three months ago that their anti-virus apps are susceptible to the technique:

Avast (CVE-2017-5567)

AVG (CVE-2017-5566)

Avira (CVE-2017-6417)

Bitdefender (CVE-2017-6186)

Trend Micro (CVE-2017-5565)

Comodo

ESET

F-Secure

Kaspersky

Malwarebytes

McAfee

Panda

Quick Heal

Norton

They've been working with some of them since, but thus far, only Malwarebytes and AVG have issued a patch. Trend-Micro plans to release one soon, as well. If you use any of the three apps, you may want to update as soon as you can. To note, Cybellum only focused its efforts on anti-virus programs, but the technique could work with any application, even Windows OS itself.

To better understand what DoubleAgent can do, make sure to watch the video below. It shows how it can turn an anti-virus app into a ransomware that encrypts files until you pay up.

Update: A Norton spokesperson reached out and told us: