Now on Demand: Zero Trust Strategies Summit - Access All Sessions
Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Data Breaches

Russian Security Firm Doctor Web Hacked

Antimalware company Doctor Web was recently targeted in a cyberattack that prompted it to disconnect all resources from its networks.

Doctor Web hacked

Russian antimalware company Doctor Web, the developer of Dr.Web cybersecurity products, on Tuesday said it was recently targeted in a cyberattack.

In an English-language statement posted on its website, the security firm said it had detected a targeted attack aimed at its resources on September 14. 

“The attempt to harm our infrastructure was prevented in a timely manner, and no user whose system was protected by Dr.Web was affected,” the company said.

The incident prompted the company to disconnect all resources from its network to check them for signs of compromise. Its Dr.Web virus databases were also temporarily suspended.

A post written in Russian reveals that the company had kept an eye on the attacker’s movements after detecting the breach. In the same post, the company said the virus databases have been brought back online. 

Doctor Web has not shared any information on who may be behind the attack. Cybersecurity companies may be targeted by any type of threat actor, including state-sponsored groups, hacktivists, and profit-driven cybercriminals. 

The Russian cybersecurity firm Kaspersky, which is leaving the United States following a software sale ban, was targeted at least two times by what are believed to be state-sponsored threat actors: a decade ago in Duqu 2.0 attacks and more recently in Operation Triangulation

The Russian security firm Avanpost was recently targeted by pro-Ukrainian hackers, with the attackers claiming to have stolen and destroyed vast amounts of data belonging to the company. 

Advertisement. Scroll to continue reading.

Western cybersecurity companies have also been targeted in recent months, including major firms such as Zscaler and Fortinet, both apparently targeted by profit-driven hackers.  

Related: North Korean Hackers Hijack Antivirus Updates for Malware Delivery

Related: Cybersecurity Firm FireEye Says Was Hacked by Nation State

Related: Dragos Says No Evidence of Breach After Ransomware Gang Claims Hack via Third Party

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join SecurityWeek and Hitachi Vantara for this this webinar to gain valuable insights and actionable steps to enhance your organization's data security and resilience.

Register

Event: ICS Cybersecurity Conference

The leading industrial cybersecurity conference for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Register

People on the Move

Former Darktrace CEO Poppy Gustafsson has joined the UK government as Minister for Investment.

Nupur Goyal has joined cloud identity security and management solutions provider Saviynt as VP of Product Marketing.

Threat intelligence firm Intel 471 has appointed Mark Huebeler as its COO and CFO.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.