eScan Antivirus Hit by Supply Chain Attack, Delivers Malware to Users

eScan users hit by malware via official updates; hackers altered servers to block future updates. Manual cleanup needed, legal steps underway.

By Content Team

Jan 31, 2026

ON THIS PAGE

Share

---

ON THIS PAGE

Want more insights like this?

Subscribe to our newsletter to get the latest software protection strategies delivered to your inbox.

By submitting your email, you consent to Codekeeper contacting you and agree to our privacy policy.

eScan antivirus users worldwide received malware through official updates last week after hackers compromised the company's update servers. The attack occurred on January 20, when cybercriminals pushed a malicious 'Reload.exe' file that blocked future updates and installed additional malware.

Morphisec security researchers detected the breach and reported it to eScan's parent company MicroWorld Technologies on January 21. eScan confirmed unauthorized access to their regional update server and took affected servers offline for eight hours.

The malware modified users' systems so thoroughly that automatic fixes aren't possible. Affected customers must contact eScan's technical support for a manual cleanup tool. Despite confirming the breach, eScan disputes Morphisec's characterization of the incident and is reportedly consulting lawyers.

Source: Security Week

Share this article

Have questions about protecting your software?

Our escrow experts are standing by to help.

Book a free demo

YOU MAY ALSO LIKE

Iranian Hackers Used Stolen Credentials to Breach Medical Giant Stryker

Mar 18, 2026

Meet UNC6692: The Threat Group Hiding Attacks Inside Legitimate Cloud Traffic

Apr 28, 2026

Adobe Reader Zero-Day Exploit Actively Stealing User Data

Apr 9, 2026

Massive Supply Chain Attack on Trivy Tool Threatens Thousands of Organizations

Mar 25, 2026