Computer Hacker

If you are using AVG, F-Secure (F-Prot), Sophos, ClamAV, Bit Defender, Avast, NOD32 or any such easy to download antivirus software for your PC, its time you sat up and took notice. An information security company setup by IIT Kharagpur engineers has found hackers using antivirus to break into the system.

“An attacker first crafts an email with malicious payload and sends it to the target user. When the email is scanned by the vulnerable anitivirus, it either crashes the antivirus software or executes arbitrary code resulting in complete security bypass and remote system compromise,” said iViZ Vice President Bala Girisaballa.

Home PCs apart, companies and business in banking, finance and insurance, IT/ITES and consulting, online retail, ecommerce, manufacturing, telecommunications and R&D are highly susceptible to such risks. If the antivirus crashes it can even cause remote system compromise. Attackers can steal information or cause ‘Denial of Service’ condition.

The company’s vulnerability research team that conducts extensive research on attack techniques and checks robustness of applications and networks by trying to penetrate them periodically discovered that several popular commercial and open source antivirus software were vulnerable to attacks. Incidentally, iViZ’s Green Cloud Security is the world’s only on-demand penetration testing for vulnerability.

Using a variety of file fuzzing techniques, the team discovered abnormal behavior in several security tools when handling complex or unusual executable header data. In such events, multiple bugs were found in anitivirus software while processing malformed packed executables. Some of these bugs proved to be security vulnerabilities which could make the antivirus itself as a backdoor for hackers.

“We work with vendors to help them with details and in developing the solution. The vulnerability is disclosed in public only after coordinating with vendors and ensuring user’s safety. The affected antivirus software vendors have been informed of the anomalous behavior,” said iViz’z CEO Bikash Barai. The anitivirus companies have to provide the fix to end-users if the application is hacked.

iViZ has developed the world first artificial intelligence based ‘human hacker simulation’ technology to find all possible attack paths by which intruders can compromize applications and networks. The technology has won recognition from Intel, University of California, Berkeley, London Business School, US Navy, US Homeland Security, Red Herring and Nasscom.

Acknowledging application like antivirus software were increasingly becoming more vulnerable, Digital Security Council of India CEO Kamlesh Bajaj felt enough attention was not being paid to secure coding practices.

Popularity: 17% [?]