Russian cyber firm Dr.Web says services are restored after ‘targeted cyberattack’

Popular Russian antivirus developer Dr.Web said it has resumed operations after suffering a security breach over the weekend.

In a statement on Tuesday, the company said that the cyberattack was successfully “repelled” and “none of the Dr.Web users were affected.”

Dr.Web has been around for more than 20 years and is considered one of Russia’s largest domestic antivirus developers. Its services protect, among others, Russian critical infrastructure facilities, as well as the banking and telecom industries.

The company said earlier this week that it suffered “a targeted cyberattack” on its infrastructure, forcing Dr.Web to disconnect all resources from the network during the investigation. Because of the attack, the company couldn’t update its virus and malware database for several days.

In the latest statement, Dr.Web said that it had resumed operations and can now provide updates to its virus database. Some of the services are still under repair, the company said on its Telegram channel Wednesday. For example, the repository for UNIX systems, where software packages or source code is stored and made available for installation or distribution, is not yet available.

Dr.Web hasn’t disclosed any details about the cyberattack, who was behind it, or how the company’s infrastructure had been compromised. The company did not respond to a request for comment by the time of publication.

This is not the first time Russian cybersecurity firms have become the target of hackers. Earlier in July, a pro-Ukrainian hacker group known as Cyber Anarchy Squad claimed it had hacked the Russian information security firm Avanpost and leaked a trove of its data.

Avanpost, which has been operating in Russia for 15 years, develops authorization and authentication systems for local businesses. Its customers include Russian airports, a large water supply company and telecom service providers.

Last June, pro-Ukrainian hackers also hit a Russian internet and telecommunications company, Infotel, used mostly by banks and online stores, with a “massive” cyberattack. Infotel confirmed the attack, saying that the hackers damaged its network equipment.


Daryna Antoniuk

is a reporter for Recorded Future News based in Ukraine. She writes about cybersecurity startups, cyberattacks in Eastern Europe and the state of the cyberwar between Ukraine and Russia. She previously was a tech reporter for Forbes Ukraine. Her work has also been published at Sifted, The Kyiv Independent and The Kyiv Post.

 
