Security lock

Russian Hacking Group Claims to Breach Three AV Companies

This is Bad. Really, Really Bad

I know what you’re thinking. That I am simply being overly sensational to create a sense of fear. But, you’re wrong. What happened is not only bad, but really, really bad.

The Russian hacking group called Fxmsp is claiming to have hacked three of the most popular security solutions. However, to date, the names of these organization have not been released.

There is no evidence that customer data has been leaked because the group went straight for these companies’ jugulars. Instead of breaching customer data, they stole private company information. Now customers may think they are in the clear because their data wasn’t taken, but they couldn’t be more wrong. Security experts have found credible evidence the information taken by the hackers includes development documents, artificial intelligence models and security solution base codes. This means hackers know exactly how to bypass the security solutions developed by these three companies. As I said, this is really, really bad. Not only for the companies who have to do damage control but for anyone using these solutions. But there is a problem. No one knows what companies were breached. Komando reached out to Bitdefender, Avast, Norton, and McAfee for a comment. Both Bitdefender and Avast confirmed they were not one of the companies impacted. Norton and McAfee have yet to respond.

You’re likely thinking, “Great, now what?!” Well, that’s a good question. I would recommend you reach out to your security solution provider and ask if they were breached by this group. If so, you need to find another security solution. And don’t be naive! The company will do whatever they can to put their customer’s mind at ease. They will likely claim it’s completely taken care of and customers are just as secure today as they were prior to the attack. However, that cannot possibly be the case. The hackers have the inner workings of the company’s security product; therefore, they know exactly how to bypass it. This is REALLY, REALLY BAD! If your security solution provider was breached, you need to consider finding an alternative.

**PC Matic was NOT one of the security solutions breached.

Update: BleepingComputer has released messages from private underground forums, which indicate Symantec, McAfee, and Trend Micro were the three AV companies struck. Of the three, Trend Micro is the only one that has confirmed being impacted.

 23,108 total views,  3 views today

(Visited 1 times, 1 visits today)

32 thoughts on “Russian Hacking Group Claims to Breach Three AV Companies”

  1. I have a question.
    I have the Microsoft security Icon on top of my PC Matic Logo, when I look it shows super shield in not working.
    When I bring up PC Matic it shows Super Shield is on and working.
    Should I worry about this?

  2. Thomas Hoffman

    I wondered about having McAfee alongside of my PC Matic since, the McAfee comes with my internet service. However, when I tried to uninstall the Mac a few months ago…..I kept getting scary messages saying “your firewall is down and PC is vulnerable!” (Or some wording like that) Does PC Matic have it’s own firewall or, take place completely of whatever the standard AV’s provide?

    1. PC Matic does not include a firewall. Our customers continue to use the firewall provided by Microsoft.

  3. Seems like blatant self-promotion for PCM. There are no facts that can be checked, and very off the cuff comments. I have to guess that a high % of replies are PCM generated as always.

  4. Skeeter Sanders

    If the Russian hacking of Symantec is proven to be true, it will be an unmitigated disaster for that company. Not only does Symantec own Norton, but through a recent acquisition, it also owns LifeLock and has a major TV ad campaign promoting LifeLock with Norton currently running. Just weeks ago, I had switched to Norton from AVG. Now I face the prospect of switching security companies AGAIN???

  5. So Symantec and McAfee have not yet admitted that they have been hacked! So what good does it do to ask them? They maybe will not admit anything in order to try and protect their reputation! Just more fear-mongering!

  6. Thanks PC matic for the heads up advice..I have used all three mentioned in the past..It is better to be informed and pro-active than not know..!! Also Thank You Eric Wright for excellent advice about shutting down your computer and router when idle for periods of time..Of course it is all Trump’s fault..(sarcasm)

  7. Since we use PC Matic, Trend Micro and Fix-It Stick should I be worried? With all 3 and only 1 of the three breached what steps should I take?

    1. We don’t encourage anyone to use more than one security solution at a time, as they may interfere with each other’s functionality.

      Since you are already protected with PC Matic, I would uninstall Trend Micro from all devices. Once this is completed, reach out to our support team at and have them run the proper confirmation testing to ensure PC Matic is indeed installed properly and our whitelist protection is running as it should.

  8. LifetimePCPitstopCustomer

    Hmm. Russians. Kaspersky ban. The more time passes, the more vulnerable AV companies and services are compromised, and our decision a few years ago after trying all these AV programs, our wise decision to switch completely to PCMatic. Perhaps we feel wiser than we should?

  9. “Of the three, Trend Micro is the only one that has confirmed being impacted.”

    That is just as bad, if not worse, than the hack itself. If I were using Symantec or McAfee, I would have permanently ditched them by now due to their “so what” attitude.

  10. :YUP! … I like that Israeli response also …. Too bad we can just send the bomb through the IP .. this way we dont have to fly anything but electrons through the wire …

  11. Robert Logemann

    Well,it looks like we have a cyber war with Russia.Then lets start hacking them too.Lrts harm them badly so they wont mess with us again

  12. Donald Pritchard

    Probably PCMatic. My computer has gone nuts for the past 3 days. Effecting my internet connection and removing the icons to PCMatic. There support group is running me around. Download This and Install that. Preparing to request a refund while I can.

  13. And what if they released only 3 of 10 or so companies names and they actually breached more?

    Talk about fear mongering, right?

    The best way to reduce risk is to reduce exposure… Shut off your router when nobody is going to be home, at least turn off your computers when you are not using them (or not home) if you won’t turn off your router.

    I would personally expect the group has hacked more companies, but isn’t naming them all so that only some of them will go into panic mode and change keys, code, and a head will probably roll @ each named company for allowing intruders in.

    I smell job openings at those companies very soon, and security audits at the rest.

  14. John from USA. Please before you spew criticism you should look look in the mirror. Any person before criticizing another should read the whole article instead of skimming through to what you want to see! I would feel very bad and apologize to this reporter. Good grief Charlie Brown.

  15. John USA,

    Read the article again, genius. She says she doesn’t know who.

    You’ve been warned. She suggested what action you should take. What else do you want?

    Again, read her article again. Slowly, if it will help your emotional outburst of stupidity. #SnowflakesEverywhere

  16. You sound the alarm and then you stupidly neglect to tell us who the 3 AV companies are.
    This is very bad journalism and reporting and I hate what you are doing.
    If you are going to scare us then it is your responsibility to be TRANSPARENT, which you obviously are NOT.
    Kayla Eliott should be fired, she is not good or competent.
    Where is your editor hiding?

    1. Hello John,
      Thank you for sharing your opinion. Unfortunately, no outlets, us included, have been informed of the three security vendors that have been impacted. There are suspicions, but nothing has been confirmed. This is why users are encouraged to reach out to their security solution providers to inquire about the status of their security.

    2. Read the update at the bottom of the article for the names of those companies who were hacked.

  17. Gerald Peterson

    As much as I want to disagree with Dora Smith and say that she is being naive, I admittedly have to agree with her.
    The article reads like a cheap stock tip advertisement.
    If it is true, then yes, it is really bad (really, really bad).
    But with so little specifics and detail it is basically ambiguous words; neither fact nor fiction, just words.
    Quite frankly it is unspecified fear mongering and yellow journalism.
    Come back with detail and now you’ll be dealing with reality.
    At that time you can give some concrete steps to be taken and a more informed consumer will appreciate the factful message you deliver.

  18. If you can’t tell us what three companies were hacked, and the Russian company claiming to have done it didn’t tell you either, I would seriously NOT WORRY ABOUT IT.

    If the Russians even did it they’d provide enough reason to even believe them. This is nothing more than Russian boasting.

    And it’s definitely not useful information! I’ll worry about it when I have something SPECIFIC to worry about, thank you very much!

    Get over yourselves!

    1. Hello Dora, A new report confirmed underground communications from the dark web state the three impacted were Symantec, McAfee and Trend Micro. The article has been updated to reflect this new information. Thank you!

Leave a Comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.