Russian anti-malware company Dr. Web, also known as Dr.Web, recently disclosed a security breach after its systems were targeted by a cyberattack over the weekend. The company detected “signs of unauthorized interference” in its IT infrastructure and promptly disconnected all servers from its internal network to prevent any potential harm.
Dr. Web stopped delivering virus database updates to customers on Monday while investigating the incident. However, no user whose system was protected by Dr. Web was affected by the attack. In a statement, the company said it prevented the attempt to harm its infrastructure in a timely manner and implemented comprehensive security diagnostics.
After completing an investigation, Dr. Web resumed virus database updates on Tuesday. The company emphasized that the security breach did not impact any of its customers. It also implemented measures to analyze and eliminate the incident’s consequences, including using Dr. Web FixIt! for Linux.
The security firm is one of several Russian cybersecurity companies targeted by cyberattacks in recent years. Other notable cases include Avanpost, a pro-Russian information security firm that was breached by pro-Ukrainian hackers in June, and Kaspersky, which reported being targeted with spyware via iMessage zero-click exploits targeting iOS zero-day bugs as part of Operation Triangulation.
Source: https://www.bleepingcomputer.com/news/security/russian-security-firm-drweb-disconnects-all-servers-after-breach/