Infected while using antivirus? Can antivirus be hacked?

Published by Adrian in Antivirus, Guides


Antivirus is one of the security layers that most people use. It offers protection against cyberattacks and prevents the user from becoming a victim in this battle. But what about the antivirus itself? Can it be a victim of an attack? And most importantly, can you be a victim because of it? If you are a skeptical person like me, I bet these questions came to your mind.

Can antivirus be hacked? Yes, it can. There are basically two ways that an antivirus can be hacked. The first one is when the hacker attacks the antivirus company to steal customer information. The other one is when the hacker knows the weaknesses of a specific antivirus and uses them to infect its users.

That is scary to know. Nobody is completely secure when it comes to a cyberattack, not even a big security company. And the bad thing is that if that happens and you are an antivirus user, you can become a victim because of them. Your credit card details and personal information will land in the wrong hands, and who knows what the hacker will do with them. Let’s start by looking at some facts.

Were antivirus companies ever hacked?

I accidentally came across a YouTube video that talks about how some Russian hackers attacked a few antivirus companies. They claim they successfully got access to the antivirus source code and to the AI definitions. This is bad because if they look at the source code, they can know what to exploit to get into a user's computer. I was puzzled.

So I put my detective hat on and did some research. I got on Google and searched for this incident to see if it was true or if it was just meant to spread some dirt on antivirus companies. The Russian group called Fxmsp attacked Trend Micro, Norton, and McAfee to get the source code. After six months of work, they claimed that their attack was successful and that they got their hands on hundreds of terabits of data: source code and customer information.

AdvIntel, a fraud prevention agency, contacted Trend Micro, Norton, and McAfee to confirm whether those allegations were true. Trend Micro responded that they had a security breach, but that it did not reach the source code or other relevant information. They claim that the hacker managed to access a test lab, and no critical data was compromised.

Norton denied that they were affected by the attack and said there was no security breach. McAfee didn’t respond, so we cannot know for sure whether they were compromised.

Are We Safe if that Happened?

Your private information in the wrong hands can do some damage. So you are not safe. The hacker can use your credit card information for purchases or sell your personal information to other companies.

It can be comforting to hear the companies deny that they were hacked. But their saying so does not make it true or false. There is still a possibility that it really happened and that the companies are trying to hide this fact from us.

In one of the articles that I read about this incident, it seems like the hacker requested a ransom for returning that data to the hacked vendors. This can mean that the attack happened, and the purpose of it was just to get a big check from a big company.

If that really happened and our information is out there, the antivirus vendors affected will do everything in their power to make sure their customers are safe. The life of a business depends on clients, so their number one priority should be their customers.

Can your antivirus get hacked?

First, let’s look at how an antivirus works. It looks at every piece of data that is coming in or out of your computer. If it is a potential threat, it will stop it; if not, it will let it pass. When it detects that something can be harmful, such as a downloaded file or a website, the antivirus will prevent it from entering your computer. Basically, it is Batman watching over Gotham for bad guys. When he sees one, he will try to stop him. Sure, your antivirus doesn’t have Batman’s fancy belt or suit, but it has a defense mechanism that will protect you from attacks.

But as a piece of software made by people, it is not perfect. It still has flaws and weaknesses, and a hacker can exploit them. In the case that we started talking about at the beginning of this article, if the hacker has access to that source code, he or she can identify the potential weaknesses. The hackers can then infiltrate computers that use this specific antivirus and infect the users without the antivirus noticing it.

Even if the hacker has the antivirus source code, it will take a while before he or she can find those weak spots. By then, the antivirus company will have already updated the antivirus code.

Hackers can also use a newer type of malware to target outdated antivirus software or operating systems. If you have an older system that is out of date and antivirus software in the same boat, you can get infected without knowing it. It is best to keep your system and security software up to date.

How can you know you were a victim?

If you are a client of the companies that were attacked and think that you are a victim, how can you tell? They tell you that you are safe and should not panic. How can you know that is true?

I got my information leaked out before from a security breach. I don’t know who was hacked, but the important thing is that my information was out there. I received tons of calls and emails that were trying to sell me a bunch of stuff. And the weird part of it was that not all of it was in English. I received calls in Chinese (I guess) or in other languages that I don’t recognize. It was a mess for a few days. I blocked a lot of those numbers, and if someone calls me with no ID or I don’t recognize the number, I let it go to my voicemail. If it is someone important, they will leave a message.

But what if you get infected with a virus and your antivirus doesn’t seem to care or notice? There are a few signs that you can look out for:

  • Your internet browser is not looking like before. You probably see a change on the homepage. All of a sudden, when you open your browser, the homepage is different. It is something that you didn’t change or have seen before. You are seeing a lot of pop-ups, probably a toolbar, and your browser is kind of slow and glitchy. That is a sign that you were hacked.
  • Your PC is acting out. Looks like your PC is in snail mode? Do weird things appear on your desktop? You can get error messages that your PC is missing files, or you cannot access some tools that you usually can. That’s right! You guessed it!
  • Emails, phone calls. As I mentioned, I was a victim of an attack. If you receive weird phone calls or spammy emails, you got hacked.

You can read more about this topic by reading this article.

How to prevent cyberattacks?

Antivirus should be just one layer of protection in your security suite. Hackers are trying to hack you, not your antivirus, when they target your PC. They will try to exploit the weaknesses of your operating system too. Being extra cautious will go a long way, and there are some simple things that you can do:

  1. Never use your PC as an administrator. This is more for Windows users. When you install Windows on your PC, it will create an admin user. If you are an admin, you can do whatever you want, including deleting system files. And if you get hacked, they will have the same powers you have. So do yourself a favor and create a separate user account and use this instead of your admin account.
  2. Keep your system and hardware up to date. When a system or hardware driver update pops up, you better install it on your PC. Those updates will fix issues that your OS or other software has, including security weaknesses.
  3. Back up your data. In case you are a victim of a ransomware attack and the hacker is asking for money to decrypt your data, having a backup will save you some money.
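
A quick way to check the account and update advice above on a Windows PC, as an added example that is not part of the original article. It assumes Windows PowerShell 5.1 or later and Microsoft Defender as the antivirus; the 30-day and 7-day thresholds are illustrative choices, not vendor guidance.

```powershell
# Added example: audits the "don't run as admin" and "keep up to date" advice.
# Assumptions: Windows PowerShell 5.1+, Microsoft Defender is the antivirus,
# thresholds (30 days for updates, 7 days for signatures) are illustrative.
$findings = @()

# 1. Is the logged-in account a direct member of the local Administrators group?
#    S-1-5-32-544 is the well-known SID of the built-in Administrators group.
#    Group membership is checked (not the current token) so the result is the
#    same whether or not this console was started elevated.
$me = [Security.Principal.WindowsIdentity]::GetCurrent()
$admins = Get-LocalGroupMember -SID 'S-1-5-32-544' -ErrorAction SilentlyContinue
if ($admins | Where-Object { $_.SID.Value -eq $me.User.Value }) {
    $findings += "Account '$($me.Name)' is an administrator. Use a standard account for daily work."
}

# 2. When was the most recent Windows update installed?
$last = Get-HotFix | Where-Object InstalledOn |
        Sort-Object InstalledOn -Descending | Select-Object -First 1
if (-not $last -or $last.InstalledOn -lt (Get-Date).AddDays(-30)) {
    $findings += "No Windows update installed in the last 30 days. Run Windows Update."
}

# 3. Is the antivirus running, and are its definitions recent?
try {
    $av = Get-MpComputerStatus -ErrorAction Stop
} catch {
    $av = $null   # Defender cmdlets missing or another antivirus is in charge
}
if (-not $av) {
    $findings += "Microsoft Defender status unavailable. Check your antivirus's own update screen."
} elseif (-not $av.AntivirusEnabled) {
    $findings += "Microsoft Defender antivirus is disabled."
} elseif ($av.AntivirusSignatureAge -gt 7) {
    $findings += "Antivirus definitions are $($av.AntivirusSignatureAge) days old. Update them."
}

if ($findings) {
    $findings | ForEach-Object { Write-Warning $_ }
} else {
    Write-Output "No issues found for account type, Windows updates, or antivirus definitions."
}
```

The script only reads system state and changes nothing; backups (item 3) still have to be verified by restoring a file from them.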

There are more things that you can do to protect yourself, and I covered more of them in this article.