Hackers Turn Antivirus Site Into Virus Spreader

AvSoft Technologies's SmartCOP site is hosting malicious code, researcher says

Dark Reading Staff, Dark Reading

February 11, 2008

1 Min Read
Dark Reading logo in a gray background | Dark Reading

Hackers have turned the Website of AvSoft Technologies, an Indian antivirus software maker, into a host for malicious code, a researcher said late last week.

Roger Thompson, chief research officer with security vendor AVG (formerly Grisoft), said his company has spotted malicious code emanating from the download site for AvSoft's SmartCOP (S-Cop), an antivirus software package.

According to a news report, the attack uses an exploit called "iFrame injection" in which attackers open an invisible iFrame Window within the victim's browser that redirects the client to another server. That server, in turn, launches attack code that attempts to install malicious software on the victim's computer -- in this case, the Virut virus.

AvSoft, based in New Delhi, offers two antivirus packages, SmartCOP and SmartDog. The malware used to install Virut exploits only well-known bugs, which means that users who are running antivirus software on fully patched systems will probably not be infected by the attack in its current state, security experts say.

— Tim Wilson, Site Editor, Dark Reading

About the Author

Dark Reading Staff

Dark Reading

Dark Reading is a leading cybersecurity media site.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights