Cyberattack hits Dr.Web, pauses virus database updates

September 19, 2024

Russian cybersecurity company Doctor Web (Dr.Web) revealed it faced a security breach over the weekend, leading the firm to disconnect its servers and halt updates for its anti-virus software. The attack occurred on Saturday, September 14, 2024, prompting the company to take immediate measures to protect its infrastructure and clients.

Dr.Web swiftly disconnected all servers from its internal network after detecting signs of unauthorised access to its systems. The company also paused virus database updates for its customers on Monday to investigate the breach and prevent further damage. In a statement, Dr.Web said the situation remained under control throughout the incident.

“We closely monitored the attack from the start and successfully contained the threat. No Dr.Web customer systems were compromised as a result of the breach,” the company said in a public statement. Following standard security protocols, all servers were taken offline to facilitate a thorough assessment of the damage.

By Tuesday, September 17, 2024, Dr.Web resumed delivering virus database updates, indicating that its security experts had identified and addressed the threat. According to the company, no customer data or systems were impacted during the attack.

Dr.Web deployed a series of security measures, including the use of its proprietary Dr.Web FixIt! software for Linux to isolate the threat.

The firm collected critical data during the response, which enabled its specialists to contain and mitigate the incident quickly. As a result, the company reaffirmed its commitment to ensuring the safety of its users, emphasising that customer systems remained secure.

Dr.Web is one of several Russian cybersecurity firms targeted by recent cyberattacks. Earlier in 2024, pro-Ukrainian hacker group Cyber Anarchy Squad breached Russian security firm Avanpost, stealing 390GB of data and encrypting over 400 virtual machines. In a separate case, Kaspersky disclosed in June 2023 that spyware had infiltrated iPhones on its network using zero-click iMessage exploits in an operation dubbed “Operation Triangulation,” which began in 2019.

Despite these challenges, Dr.Web’s timely response to the recent breach has helped minimise disruption, ensuring customers were not affected. The company continues to investigate the incident while reinforcing its security systems to prevent similar attacks in the future.
