AvSoft Technologies's SmartCOP site is hosting malicious code, researcher says
Hackers have turned the Website of AvSoft Technologies, an Indian antivirus software maker, into a host for malicious code, a researcher said late last week.
Roger Thompson, chief research officer with security vendor AVG (formerly Grisoft), said his company has spotted malicious code emanating from the download site for AvSoft's SmartCOP (S-Cop), an antivirus software package.
According to a news report, the attack uses an exploit called "iFrame injection" in which attackers open an invisible iFrame Window within the victim's browser that redirects the client to another server. That server, in turn, launches attack code that attempts to install malicious software on the victim's computer -- in this case, the Virut virus.
AvSoft, based in New Delhi, offers two antivirus packages, SmartCOP and SmartDog. The malware used to install Virut exploits only well-known bugs, which means that users who are running antivirus software on fully patched systems will probably not be infected by the attack in its current state, security experts say.
— Tim Wilson, Site Editor, Dark Reading
About the Author(s)
You May Also Like
Securing Code in the Age of AI
April 24, 2024Beyond Spam Filters and Firewalls: Preventing Business Email Compromises in the Modern Enterprise
April 30, 2024Key Findings from the State of AppSec Report 2024
May 7, 2024Is AI Identifying Threats to Your Network?
May 14, 2024Where and Why Threat Intelligence Makes Sense for Your Enterprise Security Strategy
May 15, 2024
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024