Huntress is a cybersecurity company. They’re specifically hired for this purpose, to protect the company and its assets.
As far as unique identifiers go, advertisers use a unique fingerprint of your browser to target you individually. Cookies, JavaScript, screen size, etc., are all used.
The article states that the "attacker" downloaded the software via a Google ad, not deployed by their corporate IT.
I'm also slightly curious as to if you might be associated with an EDR vendor? I notice that you only have three comments ever, and they all seem to be defending how EDR software and Huntress works without engaging with this specific instance.
Again, threat actors are well aware of what they’re downloading. FWIW I’m an offsec specialist. I spend a lot of time bypassing EDR. I’m just shocked at how little this crowd is aware of OpSec and threat intel. I’ll crawl back into my Reddit hole.
If you just want a different source, I can vouch for what cybergreg is saying.
Cybersecurity companies aren't passive data collectors like, say, Dropbox. They actively hunt for attacks in the data. To be clear, this goes way beyond MDR or EDR. The email security companies are hunting in your email, the network security companies are hunting in your network logs, and so on. When they find things, they pick up the phone, and sometimes save you from wiring a million dollars to a bad guy or whatever.
The customer likes this very much, even if individual employees don't.