The hackers who carried out these cyber attacks spoofed eScan antivirus engine updates sent to users via HTTP. To infect user devices, Avast experts said they used MiitM, or “man in the middle,” a fairly common man-in-the-middle scheme implemented using the DLL interception method and hackers’ own DNS server. allowed them to appear as legitimate domain names. Then hackers started using IP address masking.
Avast experts shared the data with both eScan antivirus developers and the Indian Computer Emergency Response Team (CERT). After some time, the eScan team reported that the backdoor had blocked access to the devices.
Source: Ferra
I am a professional journalist and content creator with extensive experience writing for news websites. I currently work as an author at Gadget Onus, where I specialize in covering hot news topics. My written pieces have been published on some of the biggest media outlets around the world, including The Guardian and BBC News.
