Antivirus

Insecure VPN profile allowed hackers to breach Avast antivirus network

Through the use of compromised credentials via a temporary VPN account, Hackers were able to access the internal network of the cybersecurity company Avast where they likely intended to launch a supply chain attack targeting CCleaner.According to the firm’s CISO, Jaya Baloo who published a blog post with more information about the incident, the attack…

Published 6 years ago in
Insecure VPN profile allowed hackers to breach Avast antivirus network


Through the use of compromised credentials via a temporary VPN account, Hackers were able to access the internal network of the cybersecurity company Avast where they likely intended to launch a supply chain attack targeting CCleaner.

According to the firm’s CISO, Jaya Baloo who published a blog post with more information about the incident, the attack appears to be an “extremely sophisticated attempt”

Avast is referring to this attempt by the name “Abiss” and the company says that the threat actor behind it was extremely cautious in an attempt to avoid being detected while hiding their true intentions.

Logs of suspicious activity show that the hackers tried to access its internal network on May 14 and 15, July 24, September 11 and again on October 4. The intruder connected from a public IP address in the UK a

Read More

Be the first to write a comment.

Leave a Reply

Your email address will not be published. Required fields are marked *

Antivirus

Nearly 8,500 small and medium businesses faced cyberattacks through mimic AI tools in 2025: Kaspersky

Global cybersecurity company Kaspersky said on Wednesday that nearly 8,500 users from small and medium-sized businesses (SMBs) faced cyberattacks in the year so far, where “malicious or unwanted software” was disguised as popular online productivity tools. In April, Kaspersky — a cybersecurity company that provides antivirus and other security software for computers and mobile devices

Published 2 days ago in
Nearly 8,500 small and medium businesses faced cyberattacks through mimic AI tools in 2025: Kaspersky

Global cybersecurity company Kaspersky said on Wednesday that nearly 8,500 users from small and medium-sized businesses (SMBs) faced cyberattacks in the year so far, where “malicious or unwanted software” was disguised as popular online productivity tools.
In April, Kaspersky — a cybersecurity company that provides antivirus and other security software for computers and mobile devices — said that widespread adoption of artificial intelligence (AI) and machine learning technologies in recent years has provided “threat actors with sophisticated new tools to perpetrate attacks”…
Read More

Continue Reading
Antivirus

The best antivirus software of 2025: Stay safe from online attacks and ransomware scams

These antivirus tools can block online dangers, protect your data and shield your privacy and they are a lot cheaper than you think…

Published 2 days ago in

These antivirus tools can block online dangers, protect your data and shield your privacy and they are a lot cheaper than you think…
Read More

Continue Reading
Antivirus

Why This Budget-Friendly VPN & Antivirus Combo Is Blowing Up

If you’re looking to score a two-in-one deal, this discounted VPN + antivirus combo from Surfshark is sure to catch your eye…

Published 2 weeks ago in
Why This Budget-Friendly VPN & Antivirus Combo Is Blowing Up

If you’re looking to score a two-in-one deal, this discounted VPN + antivirus combo from Surfshark is sure to catch your eye…
Read More

Continue Reading
Antivirus

Hackers are using Google.com to deliver malware by bypassing antivirus software. Here’s how to stay safe

Attackers use real Google URLs to sneak malware past antivirus and into your browser undetected This malware only activates during checkout, making it a silent threat to online payments The script opens a WebSocket connection for live control, completely invisible to the average user A new browser-based malware campaign has surfaced, demonstrating how attackers are

Published 3 weeks ago in
Hackers are using Google.com to deliver malware by bypassing antivirus software. Here’s how to stay safe
  • Attackers use real Google URLs to sneak malware past antivirus and into your browser undetected
  • This malware only activates during checkout, making it a silent threat to online payments
  • The script opens a WebSocket connection for live control, completely invisible to the average user

A new browser-based malware campaign has surfaced, demonstrating how attackers are now exploiting trusted domains like Google.com to bypass traditional antivirus defenses.

A report from security researchers at c/side, this method is subtle, conditionally triggered, and difficult for both users and conventional security software to detect.

It appears to originate from a legitimate OAuth-related URL, but covertly executes a malicious payload with full access to the user’s browser session.

You may like

  • Google Apps Script abused to launch dangerous phishing attacks
  • Criminals hijacking subdomains of popular websites such as Bose or Panasonic to infect victims with malware: here’s how to stay safe
  • Cybercriminals have found a sneaky way of stealing tax accounts and even encrypted messages: here’s what you need to know

Malware hidden in plain sight

The attack begins with a script embedded in a compromised Magento-based ecommerce site which references a seemingly harmless Google OAuth logout URL: https://accounts.google.com/o/oauth2/revoke.

However, this URL includes a manipulated callback parameter, which decodes and runs an obfuscated JavaScript payload using eval(atob(…)).

The use of Google’s domain is central to the deception – because the script loads from a trusted source, most content security policies (CSPs) and DNS filters allow it through without question.

This script only activates under specific conditions. If the browser appears automated or the URL includes the word “checkout,” it silently opens a WebSocket connection to a malicious server. This means it can tailor malicious behavior to user actions.

Read More

Continue Reading