
Risky Bulletin: eScan antivirus distributes backdoor in latest supply chain attack
Jan 29, 2026

A supply-chain breach pushed a backdoor through an antivirus update. A large proxy botnet was taken down and Android SDKs tied to it may be blocked. A destructive wiper hit dozens of Polish energy sites. Reports cover low GDPR fine collections, new location-privacy controls, major legal settlements over tracking, and rising crypto laundering routes.
Antivirus Supply-Chain Compromise
- eScan's update mechanism was abused to deliver a backdoor that disabled future updates and reached a remote C2 server.
- The compromise lasted about an hour on a single regional update server on January 20th.
US Cyber Ops Against Disinformation Farms
- U.S. Cyber Command conducted operations against foreign disinformation farms ahead of the 2024 elections.
- The campaign targeted Russian and Iranian troll farms, per CNN reporting.
Wiper Attack Hits Energy Infrastructure
- A Russian data wiper hit 30 Polish energy locations, destroying remote terminal units beyond repair.
- Dragos said the attack affected heat, power, wind and solar management without crashing the grid.
