Malware News Antivirus Vendor Hacked: Malicious Updates

Sandbox Breaker

Sandbox Breaker

Level 9
Thread author
Verified
Well-known
Jan 6, 2022
436
Content source
https://www.bleepingcomputer.com/news/security/hackers-hijack-antivirus-updates-to-drop-guptiminer-malware/
www.bleepingcomputer.com

Hackers hijack antivirus updates to drop GuptiMiner malware

North Korean hackers have been exploiting the updating mechanism of the eScan antivirus to plant backdoors on big corporate networks and deliver cryptocurrency miners through GuptiMiner malware.
www.bleepingcomputer.com www.bleepingcomputer.com

Who knew that one day your antivirus would update with malware. Another supply chain attack.
 
  • Wow
  • Like
  • +Reputation
Reactions: SeriousHoax, Nevi, [correlate] and 9 others
nickstar1

nickstar1

Level 6
Verified
Well-known
Dec 10, 2022
266
Jonny Quest said:
Didn't about 10 years ago, Avast put out an update that toasted some people's Windows PCs?
Click to expand...
I think every AV has had its glory one day or another. I remember in 2022 Malwarebytes blocking every single website due to a bad update. Mcafee had one in 2007-2008 that bricked millions of PC's. Yet again NOT malware related but they can be considered even worse depending on the bad update and system damage/data loss.
 
  • Like
Reactions: SeriousHoax, Nevi, Trident and 4 others
Trident

Trident

Level 28
Verified
Top Poster
Well-known
Feb 7, 2023
1,745
Jonny Quest said:
Didn't about 10 years ago, Avast put out an update that toasted some people's Windows PCs?
Click to expand...
A lot of them had history with defective updates years ago, that’s why nowadays they always keep copies of the previous database that can be activated very quickly. But back then (more than 10 years ago) collecting safe files reputation still wasn’t a thing.

But this case is not a defective update, it is a full blown supply chain attack, similar to CCleaner.
I am sorry to say, but looking at the awful website eScan has got, they are not really the pinnacle of security so it’s no wonder it happens to them. Third-tier products just can’t be great.
 
  • Like
  • +Reputation
Reactions: SeriousHoax, Nevi, Sandbox Breaker and 1 other person

Similar threads

Gandalf_The_Grey
    • +Reputation
    • Wow
Malware News Russian military hackers target Ukraine with new MASEPIE malware
Replies
0
Views
1,184
Security News
Gandalf_The_Grey
Gandalf_The_Grey
Gandalf_The_Grey
    • Like
    • +Reputation
Security News The biggest cybersecurity and cyberattack stories of 2023
Replies
0
Views
1,201
Security News
Gandalf_The_Grey
Gandalf_The_Grey
Gandalf_The_Grey
    • Like
    • +Reputation
Malware News The Week in Ransomware - April 19th 2024 - Attacks Ramp Up
Replies
0
Views
1,422
Security News
Gandalf_The_Grey
Gandalf_The_Grey

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top