Hackers infect users of antivirus service that delivered updates over HTTP

Nathan

SF VIP
Hackers abused an antivirus service for five years in order to infect end users with malware. The attack worked because the service delivered updates over HTTP, a protocol vulnerable to attacks that corrupt or tamper with data as it travels over the Internet.


The unknown hackers, who may have ties to the North Korean government, pulled off this feat by performing a man-in-the-middle (MitM) attack that replaced the genuine update with a file that installed an advanced backdoor instead, said researchers from security firm Avast today.


eScan, an AV service headquartered in India, has delivered updates over HTTP since at least 2019, Avast researchers reported. This protocol presented a valuable opportunity for installing the malware, which is tracked in security circles under the name GuptiMiner.


"This sophisticated operation has been performing MitM attacks targeting an update mechanism of the eScan antivirus vendor," Avast researchers Jan Rubín and Milánek wrote. "We disclosed the security vulnerability to both eScan and the India CERT and received confirmation on 2023-07-31 from eScan that the issue was fixed and successfully resolved."

arstechnica.com/security/2024
 

It's profoundly disappointing that the digital world is so alarmingly dangerous. I equate it to a walk through a dangerous neighborhood; you need security and vigilance. Unfortunately, even that is often not enough. I often wonder how much further ahead we might be if the nefarious types were to work for improvement rather than constantly trying to destroy.
 
Nathan, you know much more about today's technology than I do. Here's a question. Our WIFI router covers our house quite well. My shop is in an unattached metal building and gets no WIFI signal. Is there an economical way to send a WIFI signal from my house to that building?
 

Not sure if this is where to post this but I was going on a website to register a product I bought and all of a sudden a message appeared from Microsoft Guard or something like that and it said my computer was locked and would not work due to a trojan virus. It gave a phone number to call. I could not use the computer but decided to shut it off. When I came back on it was working. I think it was a scam as my McAfee said there were no viruses on my computer.
 
