eScan Antivirus Delivers Malware in Supply Chain Attack

Welcome • User Guide
ToS • Privacy • Canary
Donate • Bugs • License

©2025 Poal.co

869

•

eScan Antivirus Delivers Malware in Supply Chain Attack (www.securityweek.com)

From the post:

>The eScan supply chain attack came to light on January 29, when cybersecurity firm Morphisec published a threat bulletin warning of rogue updates tampering with users’ systems. “Malicious updates were distributed through eScan’s legitimate update infrastructure, resulting in the deployment of multi-stage malware to enterprise and consumer endpoints globally,” Morphisec’s bulletin reads. According to the security firm, the updates modified users’ devices so that they would be cut off from eScan’s updates. The antivirus’s normal functionality was also altered, it says.

Archive: https://archive.today/bCbhY From the post: >>The eScan supply chain attack came to light on January 29, when cybersecurity firm Morphisec published a threat bulletin warning of rogue updates tampering with users’ systems. “Malicious updates were distributed through eScan’s legitimate update infrastructure, resulting in the deployment of multi-stage malware to enterprise and consumer endpoints globally,” Morphisec’s bulletin reads. According to the security firm, the updates modified users’ devices so that they would be cut off from eScan’s updates. The antivirus’s normal functionality was also altered, it says.

[–] • 1 pt

Once again, security software makes machines more vulnerable to attacks. I bet this software is installed as a part of ISO security compliance.

link