Beware Avast!! Crypto-Currency Attacks Coming from Avast
Avast is the Prague, Czech Republic-based AV software developer that is famous for offering free AV software. Presently, they have the largest share of the global AV market.
If you have installed Avast or are considering installing Avast, STOP right now!
Recently, a client came to Hackers-Arise through our Hackers for Hire program. This program was designed to help those who have been hacked. This client had been hacked and lost a very substantial sum of crypto-currency (I must leave the details out to protect their identity). They asked us at Hackers-Arise to help them trace the perpetrators and recover their lost wealth.
Our Investigation
Our first step was to obtain the log files from the crypto-currency account. These log files indicated that someone other than our client had logged into the account and had initiated withdrawals. We then traced the IP address of the perpetrators.
What we found next stunned and alarmed us!
The perpetrators were coming from IP addresses owned by Avast! Our client had Avast AV software installed on their computer system and the perpetrators were coming from an Avast IP address.
There is no way of knowing for certain yet whether these are rogue employees of Avast or hackers who have taken over Avast IP addresses and accounts. In either case, Avast appears unsafe.
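The log review described in this section, as an added example that is not part of the original article: it groups account events by source IP, drops the addresses the account owner is known to use, and attributes what is left to a netblock owner. The log format, the sample rows, the owner's network and the `EXAMPLE-VENDOR-NET` netblock table are all constructed assumptions using documentation IP ranges.

```python
import csv
import io
import ipaddress

# Constructed sample account log (documentation IP ranges, not real data).
SAMPLE_LOG = """timestamp,event,source_ip
2024-01-05T08:12:01Z,login,198.51.100.23
2024-01-05T08:15:40Z,logout,198.51.100.23
2024-01-07T02:41:17Z,login,203.0.113.77
2024-01-07T02:43:02Z,withdrawal,203.0.113.77
2024-01-07T02:44:30Z,withdrawal,203.0.113.77
2024-01-08T09:00:12Z,login,198.51.100.23
"""

# Assumptions: the networks the account owner is known to use, and a local
# table of netblock owners (normally filled in from WHOIS/RDAP lookups).
# Both are hypothetical placeholders.
OWNER_NETWORKS = [ipaddress.ip_network("198.51.100.0/24")]
NETBLOCK_OWNERS = {ipaddress.ip_network("203.0.113.0/24"): "EXAMPLE-VENDOR-NET"}

def attribute(ip):
    """Return the owner of the most specific netblock containing ip."""
    matches = [(net, owner) for net, owner in NETBLOCK_OWNERS.items() if ip in net]
    if not matches:
        return "unknown"
    return max(matches, key=lambda m: m[0].prefixlen)[1]

def review(log_text):
    """Map each source IP outside the owner's networks to its events."""
    findings = {}
    for row in csv.DictReader(io.StringIO(log_text)):
        try:
            ip = ipaddress.ip_address((row.get("source_ip") or "").strip())
        except ValueError:
            continue  # missing or malformed address field: skip the row
        if any(ip in net for net in OWNER_NETWORKS):
            continue  # activity from the account owner's own addresses
        entry = findings.setdefault(str(ip), {"owner": attribute(ip), "events": []})
        entry["events"].append((row["timestamp"], row["event"]))
    return findings

if __name__ == "__main__":
    for ip, finding in review(SAMPLE_LOG).items():
        print(ip, finding["owner"], finding["events"])
```

The netblock owner only says which network the traffic left from, which matches the article's own point that this evidence is circumstantial.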
What You Should Do
You should immediately disable and remove Avast AV from your computer systems. Do not leave your system exposed. Make sure to then install another AV software application on your system(s).
Whatever the ultimate source of this attack, at a minimum Avast has been negligent in monitoring their own software and/or employees. It appears that the hackers are using Avast AV as a backdoor to steal the credentials of unwitting customers. Whether these hackers are associated with Avast, we can't be certain at this time.
What we DO know for certain is:
(1) the client had Avast installed on their computer system;
(2) the hackers were able to obtain the victim's credentials for the crypto-currency account; and
(3) the attack and theft came from an Avast IP address.
Although this is circumstantial evidence, we felt compelled to warn the IT security industry before it leads to additional thefts. Avast may be a vector for further attacks upon your security and systems.
Source: Hackers-Arise