eScan confirms update server breached to push malicious update

Do you know anything about the SolarWinds supply chain attack?

Also, many of the antivirus solutions were coded into the malware kill list, including MD, Avast, AVG, ESET and F-Secure.
But this problem was not the fault of the antivirus companies. It was the fault of SolarWinds. eScan made a big mistake here.
 
K7 is a quality program. However, it failed our friend Shadowra's tests on the forum. That's why I didn't write about it.
Every program has its limitations; K7 has them too. But K7 has some of the best teams in the AV industry in the world. @Shadowra is one of my fav. AV testers. I always take his feedback and deliver it to the team@K7.
 
But this problem was not the fault of the antivirus companies.
AV, which does not sign its signatures, such a scenario could have never happened with Defender.
Optimization at the cost of security by downloading just data. MS uses CDN and acts accordingly.

 
Thank you for your input! One more ask - what is the difference between Infiniti and regular?

~Tachikoma
The key difference between the Infiniti edition and other "regular" K7 products is the subscription model: the Infiniti edition offers a lifetime validity with a one-time payment, unlike the annual or monthly subscriptions of regular versions.
 
The key difference between the Infiniti edition and other "regular" K7 products is the subscription model: the Infiniti edition offers a lifetime validity with a one-time payment, unlike the annual or monthly subscriptions of regular versions.
There must be some other difference. I just checked and Infiniti doesn't work on Windows XP, so there must be something else too. Thanks.

~Tachikoma
 
But eScan uses Bitdefender Engine..

Of all the Indian AV, K7 seems to be above them all.
It may be using even Avast and Check Point engines side by side.

The entire software stack is inferior, held by duct tape and prayer. This is inevitable when cost cutting (which it’s not like all Asians are not very well known for) above all.

This is how they got pwned.

Sadly, you may be surprised how much of the corporate software also holds on prayers and duct tape.
 
The key difference between the Infiniti edition and other "regular" K7 products is the subscription model: the Infiniti edition offers a lifetime validity with a one-time payment, unlike the annual or monthly subscriptions of regular versions.
The Infiniti will be valid until Windows 11 support.
 
Many businesses with old software, like power plants, production, etc.

~Tachikoma
The PCs that managers and so on use in offices are typically updated.
What you are referring to (on the machines themselves when they are using the appropriate controller) is a version of Windows Embedded which was renamed to Windows IoT. The majority of the systems with Windows Embedded are and have always been air gapped.
 
Didn't Avast around ~15 years ago push out an update that borked some (a lot of) people's Windows 7 devices? It wasn't breach related though, as per this thread title.
Symantec corporate antivirus too; approx. 20 years ago or earlier, pushed an update leading to quarantine of hundreds of system files.
 
Didn't Avast around ~15 years ago push out an update that borked some (a lot of) people's Windows 7 devices? It wasn't breach related though, as per this thread title.
The Avast forums were breached. The defective updates happened to many vendors, not just Avast.

20 years ago everything used to be manual work, including testing the quality of the detections.
 
It may be using even Avast and Check Point engines side by side.

The entire software stack is inferior, held by duct tape and prayer. This is inevitable when cost cutting (which it’s not like all Asians are not very well known for) above all.

This is how they got pwned.

Sadly, you may be surprised how much of the corporate software also holds on prayers and duct tape.
Oh man.
Let's just sing to the tune of....

 
Feel bad for eScan, having known its founding company (including some early employees etc.) for 21 years. eScan is a product that combines really innovative and great in-house technology (MWL; PBAE) with a Frankenstein mess of old code including an old version of BitDefender ATC that they seem to maintain and update themselves, legacy G-Data code and an updater that has stayed the same for 14 years if I am not wrong. I hope they will use the opportunity to do a software redesign at some point.

That being said, I am in fact using eScan on one of my machines and for some reason there was no problem at all in my updates so it appears to have been region/server-targeted, probably part of some coordinated attack group.