A range of affected products: The flaw affects all of ESET offerings with the command line scanner which includes an array of products used by power users, IT admins, and enterprise environments.According to the advisory, the affected antivirus versions include ESET NOD32 Antivirus, ESET Internet Security, ESET Smart Security Premium, and ESET Security Ultimate 18.0.12.0 and earlier. Affected Windows offerings include Endpoint Antivirus for Windows and Endpoint Security for Windows 12.0.2038.0 and earlier.Affected Enterprise offerings include ESET Small Business Security and ESET Safe Server 18.0.12 and earlier. All affected versions have been fixed in the respective latest upgrades. Kaspersky has shared indicators of compromise (IoC) to help detect traces of ToddyCat activities. “To detect the activity of such tools, it’s recommended to monitor systems for installation events involving drivers with known vulnerabilities.” Using operating system tools to check all loaded system library files for the presence of malicious files, like version.dll, was also recommended.
First seen on csoonline.com
Jump to article: www.csoonline.com/article/3957108/chinese-toddycat-abuses-eset-antivirus-bug-for-malicious-activities.html
