Security researchers have revealed a vulnerability in a popular virus scanner. Now the founder behind it is fighting back. We have summarized what is behind the allegations for you here.
The free online service VirusTotal was apparently exposed to a security gap for a long period of time. The security experts from “CySource” (via “The Daily Swig”) found out in an investigation. VirusTotal is an online virus scanner operated by Google. Users can enter documents, images or even entire URLs here and receive a virus scan from various anti-virus programs. These are hosted in the background on VirusTotal servers, but also on servers from other providers.
According to CySource, the service could be manipulated. Accordingly, an image with hidden malicious code was uploaded, which the experts could use to gain access to the servers. According to the experts, more than 50 host servers are to be hijacked. The malicious code also gave the analysts high access rights to the servers.
Vulnerability at VirusTotal: Developers defend themselves against allegations
The report was sent to Google before it became public, and they patched the vulnerability in January 2022. However, there was probably a misinterpretation based on the CySource report. Numerous media reported that VirusTotal’s servers could be hacked. According to VirusTotal founder Bernardo Quintero, this was not the case.
Only servers offered by third-party providers and partners appeared in the report. According to the founder, many third parties download VirusTotal and host the service themselves on their own servers. CySource’s security experts have not yet commented on the founder’s statement.
Shop recommendation for antivirus
Offer from BestCheck.de | Prices incl. VAT plus shipping
Other readers are also interested in: