Hackers exploiting Corporate Antivirus programs

Cyber security in a corporate is critical for maintaining its business. Millions of dollars are spent every year to maintain adequate security for a firm’s software and hardware assets. Most of the major companies hire security firms who specialize in cyber security to beef up their systems. They also install antivirus programs throughout their networks to protect their systems against hackers.

However, using a corporate antivirus program for your company may not be advisable nowadays. Researchers have found and reported several dozen serious flaws in antivirus products from vendors such as Kaspersky Lab, ESET, Avast, AVG Technologies, Intel Security (formerly McAfee) and Malwarebytes. Many of those vulnerabilities would have allowed attackers to remotely execute malicious code on computers, to abuse the functionality of the antivirus products themselves, to gain higher privileges on compromised systems and even to defeat the anti-exploitation defenses of third-party applications.

Exploiting some of those vulnerabilities required no user interaction and could have allowed the creation of computer worms -- self-propagating malware programs. In many cases, attackers would have only needed to send specially crafted email messages to potential victims, to inject malicious code into legitimate websites visited by them, or to plug in USB drives with malformed files into their computers.

The intelligence agencies of various governments have long had an interest in antivirus flaws. News website The Intercept reported in June that the U.K. Government Communications Headquarters (GCHQ) filed requests in 2008 to renew a warrant that would have allowed the agency to reverse engineer antivirus products from Kaspersky Lab to find weaknesses. The U.S. National Security Agency also studied antivirus products to bypass their detection, according to secret files leaked by former NSA contractor Edward Snowden, the website said.

Once considered a safe haven, antivirus programs have now lost their protective shields. Antivirus software companies have to continuously monitor and improve their programs and patch vulnerabilities as soon as they appear or else their whole businesses will soon be kaput.