eScan antivirus infected its own users

eScan antivirus infected its own users – Security Now! #1063 – 02-03-26
Last week, two security companies – Morphisec and Kaspersky – both detected and reported
that the eScan antivirus product, published by a company based in India, had attacked its own
users after one of its update servers was breached and infected with malware. The event was
covered by BleepingComputer which shared eScan’s defensive annoyance over the bad press this
generated. BleepingComputer also reminded us that back in April of 2024 eScan’s update facility
was breached by North Korean hackers and used to spread malware to corporate networks. I’ve
often said that anyone can make a mistake and that sometimes mistakes can make us stronger.
But an antivirus solution has a privileged position in our machines and a second similar incident
occurring fewer than two years later should be a concern to any eScan customer.