{"id":11367,"date":"2026-02-01T16:06:09","date_gmt":"2026-02-01T16:06:09","guid":{"rendered":"https:\/\/techtrendfeed.com\/?p=11367"},"modified":"2026-02-01T16:06:09","modified_gmt":"2026-02-01T16:06:09","slug":"escan-antivirus-delivers-malware-in-provide-chain-assault","status":"publish","type":"post","link":"https:\/\/techtrendfeed.com\/?p=11367","title":{"rendered":"eScan Antivirus Delivers Malware in Provide Chain Assault"},"content":{"rendered":"


\n<\/p>\n

\n

eScan antivirus customers have been contaminated with malware final week after hackers compromised an official replace server, safety researchers report.<\/strong><\/p>\n

The eScan provide chain assault got here to mild on January 29, when cybersecurity agency Morphisec revealed a menace bulletin warning of rogue updates tampering with customers\u2019 programs.<\/p>\n

\u201cMalicious updates have been distributed by way of eScan\u2019s authentic replace infrastructure, ensuing within the deployment of multi-stage malware to enterprise and client endpoints globally,\u201d Morphisec\u2019s bulletin<\/a> reads.<\/p>\n

In response to the safety agency, the updates modified customers\u2019 gadgets in order that they’d be reduce off from eScan\u2019s updates. The antivirus\u2019s regular performance was additionally altered, it says.<\/p>\n

The affected customers obtained a malicious \u2018Reload.exe\u2019 file, designed to kick off a multi-stage an infection chain. The file modified the HOSTS file to dam computerized updates, established persistence by way of scheduled duties, and downloaded extra payloads.<\/p>\n

\u201cComputerized remediation is subsequently not doable for compromised programs. Impacted organizations and people should proactively contact eScan to acquire the handbook replace\/patch,\u201d Morphisec says.<\/p>\n

Commercial. Scroll to proceed studying.<\/span><\/div>\n

Morphisec stated it reported the incident to MicroWorld Applied sciences, the corporate behind eScan, on January 21, sooner or later after it detected the malicious habits on its prospects\u2019 gadgets.<\/p>\n

eScan knowledgeable Morphisec that it had detected unauthorized entry to its infrastructure on January 20 and instantly remoted the impacted replace servers, which remained offline for over eight hours.<\/p>\n

To resolve the problem, eScan launched a utility that customers can get hold of by contacting the corporate\u2019s technical help staff. The device was designed to scrub the an infection, roll again malicious system modifications, and restore eScan\u2019s regular performance.<\/p>\n

eScan downplays impression, cries foul play<\/h2>\n

Whereas the assault and the aftermath appear relatively easy, eScan\u2019s response to the general public disclosure of the incident is a distinct story.<\/p>\n

Because it seems, the Indian antivirus supplier was not pleased with Morphisec\u2019s evaluation of how the incident unfolded, nor with the \u201cprovide chain assault\u201d stamp slapped on it.<\/p>\n

The corporate, nevertheless, did verify the unauthorized entry to its infrastructure. In reality, it disclosed it to its prospects in a January 22 safety advisory, which states that the incident impacted a regional replace server.<\/p>\n

\u201cUnauthorized entry to certainly one of our regional replace server configurations resulted in an incorrect file (patch configuration binary\/corrupt replace) being positioned within the replace distribution path. This file was distributed to prospects downloading updates from the affected server cluster throughout a restricted timeframe on January 20, 2026,\u201d the advisory<\/a> reads.<\/p>\n

The advisory\u2019s description of the system habits triggered by the malicious replace overlaps with Morphisec\u2019s description. Moreover, eScan notes that the incident had a medium-high impression on enterprise prospects, which inserts Morphisec\u2019s evaluation.<\/p>\n

Regardless, eScan is sad with Morphisec\u2019s reporting on the incident, which it reportedly<\/a> sees as inaccurate. In reality, the antivirus firm is outwardly working with authorized counsel on the matter.<\/p>\n

SecurityWeek<\/em> has emailed eScan for an announcement on the incident and can replace this text if the corporate responds.<\/p>\n

Associated:<\/strong> \u2018PackageGate\u2019 Flaws Open JavaScript Ecosystem to Provide Chain Assaults<\/a><\/p>\n

Associated:<\/strong> Notepad++ Patches Updater Flaw After Studies of Site visitors Hijacking<\/a><\/p>\n

Associated:<\/strong> Fintech Agency Wealthsimple Says Provide Chain Assault Resulted in Information Breach<\/a><\/p>\n

Associated:<\/strong> AI Provide Chain Assault Technique Demonstrated Towards Google, Microsoft Merchandise<\/a>\n\t\t\t<\/p>\n<\/div>\n\n","protected":false},"excerpt":{"rendered":"

eScan antivirus customers have been contaminated with malware final week after hackers compromised an official replace server, safety researchers report. The eScan provide chain assault got here to mild on January 29, when cybersecurity agency Morphisec revealed a menace bulletin warning of rogue updates tampering with customers\u2019 programs. \u201cMalicious updates have been distributed by way […]<\/p>\n","protected":false},"author":2,"featured_media":11369,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[58],"tags":[7648,717,241,4611,7647,216,240],"class_list":["post-11367","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-antivirus","tag-attack","tag-chain","tag-delivers","tag-escan","tag-malware","tag-supply"],"_links":{"self":[{"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/posts\/11367","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=11367"}],"version-history":[{"count":1,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/posts\/11367\/revisions"}],"predecessor-version":[{"id":11368,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/posts\/11367\/revisions\/11368"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/media\/11369"}],"wp:attachment":[{"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=11367"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=11367"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=11367"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}