Malware & Ransomware · HIGH

Supply-Chain Compromise Hits eScan Antivirus Users

Check Point Research · Feb 2, 2026
eScan · MicroWorld Technologies · malware · supply-chain attack

Basically, eScan antivirus users received bad updates that let hackers in.

Quick Summary

A supply-chain attack has compromised eScan antivirus software, affecting its users. Malicious updates may have allowed hackers remote access to systems. Stay alert and update your software as fixes are rolled out.

What Happened

A significant security breach has just been reported involving MicroWorld Technologies, the company behind eScan antivirus software. Hackers managed to infiltrate the company's supply chain, pushing out malicious updates through the legitimate eScan updater. This breach is alarming because it not only compromised the antivirus software but also allowed multi-stage malware to be installed on users' systems.

The malware is designed to establish persistence, meaning it can remain on the infected devices even after reboots. It also enables remote access for the attackers, giving them control over affected systems. This kind of attack is particularly dangerous because it can go unnoticed for a long time, allowing hackers to gather sensitive information or launch further attacks.

Why Should You Care

If you use eScan antivirus, your device could be compromised without your knowledge. Imagine your home being unlocked, and you don’t even realize it until something valuable is missing. This situation is similar; your antivirus, which is supposed to protect you, has become a gateway for attackers.

The key takeaway here is that even trusted software can be exploited. Your personal data, financial information, and overall digital security are at risk. It’s crucial to stay informed about the tools you rely on for protection, as they can sometimes become the very source of vulnerability.

What's Being Done

MicroWorld Technologies is aware of the breach and is actively working to mitigate the damage. They are likely developing patches to remove the malicious updates and secure their systems. If you are an eScan user, here are a few actions you should take immediately:

  • Update your eScan software to the latest version once a patch is released.
  • Run a full system scan to detect and remove any potential malware.
  • Change your passwords for sensitive accounts, especially if you suspect any unauthorized access.

Experts are closely monitoring the situation to see how widespread the impact will be and what further actions might be necessary to protect users. The situation is developing, so stay tuned for updates.


🔒 Pro insight: This incident underscores the vulnerabilities in software supply chains, highlighting the need for enhanced security measures in update mechanisms.

Original article from Check Point Research · lorenf
