Russian cyber firm Dr.Web says services are restored after ‘targeted cyberattack’

Avatar

Popular Russian antivirus developer Dr.Web said it has resumed operations after suffering a security breach over the weekend.

In a statement on Tuesday, the company said that the cyberattack was successfully “repelled” and “none of the Dr.Web users were affected.”

Dr.Web has been around for more than 20 years and is considered one of Russia’s largest domestic antivirus developers. Its services protect, among others, Russian critical infrastructure facilities, as well as the banking and telecom industries.

The company said earlier this week that it suffered “a targeted cyberattack” on its infrastructure, forcing Dr.Web to disconnect all resources from the network during the investigation. Because of the attack, the company couldn’t update its virus and malware database for several days.

In the latest statement, Dr.Web said that it had resumed operations and can now provide updates to its virus database. Some of the services are still under repair, the company said on its Telegram channel Wednesday. For example, the repository for UNIX systems, where software packages or source code is stored and made available for installation or distribution, is not yet available.

Dr.Web hasn’t disclosed any details about the cyberattack, who was behind it, or how the company’s infrastructure had been compromised. The company did not respond to a request for comment by the time of publication.

This is not the first time Russian cybersecurity firms have become the target of hackers. Earlier in July, a pro-Ukrainian hacker group known as Cyber Anarchy Squad claimed it had hacked the Russian information security firm Avanpost and leaked a trove of its data.

Avanpost, which has been operating in Russia for 15 years, develops authorization and authentication systems for local businesses. Its customers include Russian airports, a large water supply company and telecom service providers.

Last June, pro-Ukrainian hackers also hit a Russian internet and telecommunications company, Infotel, used mostly by banks and online stores, with a “massive” cyberattack. Infotel confirmed the attack, saying that the hackers damaged its network equipment.

CybercrimeNewsNews BriefsTechnologyIndustry
Get more insights with the

Recorded Future

Intelligence Cloud.

Learn more.

No previous article

No new articles

Daryna Antoniuk

is a reporter for Recorded Future News based in Ukraine. She writes about cybersecurity startups, cyberattacks in Eastern Europe and the state of the cyberwar between Ukraine and Russia. She previously was a tech reporter for Forbes Ukraine. Her work has also been published at Sifted, The Kyiv Independent and The Kyiv Post.

 

Total
0
Shares
Previous Post

Hackers deliver popular crypto-miner through malicious email auto replies, researchers say

Next Post

Police announce takedown and arrest mastermind behind criminal comms platform ‘Ghost’

Related Posts

Notorious Hacker Group TeamTNT Launches New Cloud Attacks for Crypto Mining

The infamous cryptojacking group known as TeamTNT appears to be readying for a new large-scale campaign targeting cloud-native environments for mining cryptocurrencies and renting out breached servers to third-parties. "The group is currently targeting exposed Docker daemons to deploy Sliver malware, a cyber worm, and cryptominers, using compromised servers and Docker Hub as the infrastructure
Avatar
Read More

Vulnerable APIs and Bot Attacks Costing Businesses Up to $186 Billion Annually

Organizations are losing between $94 - $186 billion annually to vulnerable or insecure APIs (Application Programming Interfaces) and automated abuse by bots. That’s according to The Economic Impact of API and Bot Attacks report from Imperva, a Thales company. The report highlights that these security threats account for up to 11.8% of global cyber events and losses, emphasizing the escalating
Avatar
Read More