Hackers Breached 3 US Antivirus Companies

Status
Not open for further replies.
F

ForgottenSeer 58943

Norton has lost code before.

Also, modern interdiction technology readily subverts AV's by using re-engineered code from those AV's so it stands to reason this has happened and will happen again. Norton is obviously one of the victims here and if so, it really begs the question as to if they can fully recover once all of the disclosures come out.

That TerraPrivacy guy many months ago basically proved Norton was compromised if I remember, but he pulled the video for legal reasons.
 
  • Like
  • Wow
Reactions: JB007, woodrowbone, Nestor and 5 others
blackice

blackice

Level 39
Verified
Top Poster
Well-known
Apr 1, 2019
2,867
ForgottenSeer 58943 said:
Norton has lost code before.

Also, modern interdiction technology readily subverts AV's by using re-engineered code from those AV's so it stands to reason this has happened and will happen again. Norton is obviously one of the victims here and if so, it really begs the question as to if they can fully recover once all of the disclosures come out.

That TerraPrivacy guy many months ago basically proved Norton was compromised if I remember, but he pulled the video for legal reasons.
Click to expand...

I am skeptical about the company investigating this. AdvIntel seems to have appeared out of nowhere. Not to say the hacks haven’t happened, but who are they?
 
  • Like
Reactions: JB007 and dragongate888
omidomi

omidomi

Level 71
Verified
Honorary Member
Top Poster
Malware Hunter
Well-known
Apr 5, 2014
6,008
Bad news , users should know whats happen & Also which companies were hacked & why?
I do't know why! when a none US based Av company do a mistake all around the world Sites,Blogs,News will cover that and now, no one do't know whats happen & for which one:censored:
btw US Av companies are:
Symantec,Mcaffe,MalwareBytes,Viper,Webroot,Cylance
which one :unsure:
but we can guess which one keep close attention to this sentence:
"A screenshot shows a reverse-engineringtool view of code presented by the hacking collective Fxmsp showing access to a major US antivirus software company. "
Major!
I guess emm Symantec & Mcaffee are major & which of these companies are major? (malwarebytes or Webroot?)
 
Last edited:
  • Like
  • Thanks
Reactions: JB007, plat, upnorth and 5 others
Cortex

Cortex

Level 26
Verified
Top Poster
Well-known
Aug 4, 2016
1,465
Can't be easy for the companies affected also for the US companies that were not affected & subject to speculation? The story does seem to be going somewhat exponential & the cat does seem to have escaped from he bag. As ForgottenSeer 58943 says Norton lost code some time ago but as I remember they said it was old & not critical, looks a little different this time, assuming they are affected.
 
  • Like
Reactions: JB007, oldschool and Burrito
F

ForgottenSeer 58943

Betcha Cylance.. Cylance has played fast and loose with their security, code control, and vetting employees/contractors. The firm was largely run by marketing shills and anything market and sales shills at firms handle/touch is pretty much tainted goods because their entire focus is on money aside from all other considerations. I'd almost place money on one of them being Cylance.

I've learned over the years that sales and marketing people at corporations are nothing but parasites.
 
  • Like
  • Applause
Reactions: Vitali Ortzi, JB007, oldschool and 2 others
Burrito

Burrito

Level 24
Verified
Top Poster
Well-known
May 16, 2018
1,363
Symantec would be an obvious target. They have money, they have good code that could draw value in the black market. They are a big, well-known, lucrative target.

But... we have a conditional denial from Norton now --

Symantec is aware of recent claims that a number of US-based antivirus companies have been breached. Researchers at AdvIntel, who released information on the breach to media, stated they had notified potential victim entities of the breach. At this time, Symantec has not been contacted by AdvIntel. We have no indication that Symantec (Norton) has been impacted and do not believe there is reason for our customers to be concerned.
Click to expand...

So if it is correct that the 3 companies have been notified, this is an indicator that Symantec is not one of the three.

Not to overly parse their words... but... the Symantec statement (above) references 'contact by Advintel.' Several of the press reports indicated that "partner organisations" (not Advintel) have contacted the breached AVs.

It is probably just inexact wording. But parsing words carefully while avoiding the truth is pretty common in this era of seemingly common corporate and government lying.

But the last sentence should cover any doubt, "We have no indication that Symantec (Norton) has been impacted.."

Assuming Symantec was not breached, they are probably lucky -- or very well protected. Because I'll bet they were a target.
 
  • Like
Reactions: Divine_Barakah, JB007, bribon77 and 4 others
blackice

blackice

Level 39
Verified
Top Poster
Well-known
Apr 1, 2019
2,867
Sunshine-boy said:
The list:
Comodo
Fortinet
McAfee
Microsoft
Immunet
Symantec
Webroot.
FireEye
Palo Alto
Carbon Black
Symantec is probably one of them:
www.longroom.com

Symantec boss Greg Clark exits biz amid dismal financials

Greg Clark, CEO and president of Symantec, has "stepped down" suddenly and with no permanent replacement lined up, just as his predecessor did.
www.longroom.com
Click to expand...

It does seem to line up too well that he stepped down just before the news hit. If Microsoft is involved there’s a lot more at risk than AV software since they supposedly gained access to internal networks. I bet they’d be bragging more (and charging more) if they got the key to that door, but I could be wrong.
 
  • Like
Reactions: JB007 and upnorth
blackice

blackice

Level 39
Verified
Top Poster
Well-known
Apr 1, 2019
2,867
  • Like
Reactions: JB007, oldschool, upnorth and 2 others
F

ForgottenSeer 58943

Many forget, while Trend Micro likes people to think it's not a US Company, it really is more US-Based than almost any AV firm. In fact CIA and Booz Allen largely share fusion centers with Trend Micro. Trend Micro a few years ago made major strides in detection but lately they've had a string of uncomfortable incidents. In addition, in the Hacker Deterrant thread it seemed to indicate Trend Micro had been reverse engineered at enough of a level to where key core components could be replaced with malicious ones.

The exit of key people at Symantec largely affirms this as generally when something like this happens C level leadership has little option other than to be flushed out.
 
  • Like
Reactions: JB007 and oldschool
Status
Not open for further replies.

Similar threads

enaph
    • Like
    • Wow
Security News FBI: Chinese State Hackers Breached U.S. Telecom Providers
Replies
3
Views
876
Security News
bazang
bazang
[correlate]
    • +Reputation
    • Like
Security News China's Salt Typhoon cyber spies are deep inside US ISPs
Replies
0
Views
1,545
Security News
[correlate]
[correlate]
enaph
    • Wow
    • +Reputation
Privacy News Hisense USA Allegedly Breached, Customer Data Exposed
Replies
0
Views
607
Security News
enaph
enaph

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top