This is Bad. Really, Really Bad
I know what you’re thinking. That I am simply being overly sensational to create a sense of fear. But, you’re wrong. What happened is not only bad, but really, really bad.
The Russian hacking group called Fxmsp is claiming to have hacked three of the most popular security solutions. However, to date, the names of these organization have not been released.
There is no evidence that customer data has been leaked because the group went straight for these companies’ jugulars. Instead of breaching customer data, they stole private company information. Now customers may think they are in the clear because their data wasn’t taken, but they couldn’t be more wrong. Security experts have found credible evidence the information taken by the hackers includes development documents, artificial intelligence models and security solution base codes. This means hackers know exactly how to bypass the security solutions developed by these three companies. As I said, this is really, really bad. Not only for the companies who have to do damage control but for anyone using these solutions. But there is a problem. No one knows what companies were breached. Komando reached out to Bitdefender, Avast, Norton, and McAfee for a comment. Both Bitdefender and Avast confirmed they were not one of the companies impacted. Norton and McAfee have yet to respond.
You’re likely thinking, “Great, now what?!” Well, that’s a good question. I would recommend you reach out to your security solution provider and ask if they were breached by this group. If so, you need to find another security solution. And don’t be naive! The company will do whatever they can to put their customer’s mind at ease. They will likely claim it’s completely taken care of and customers are just as secure today as they were prior to the attack. However, that cannot possibly be the case. The hackers have the inner workings of the company’s security product; therefore, they know exactly how to bypass it. This is REALLY, REALLY BAD! If your security solution provider was breached, you need to consider finding an alternative.
**PC Matic was NOT one of the security solutions breached.
Update: BleepingComputer has released messages from private underground forums, which indicate Symantec, McAfee, and Trend Micro were the three AV companies struck. Of the three, Trend Micro is the only one that has confirmed being impacted.