Trend Micro hacked by Fxmsp?

Is this source reputable? If so, Trend Micro might be hacked by Fxmsp:

https://www.cbronline.com/news/trend-micro-symantec-fxmsp

Luckily: “at this time we have seen no indication that any customer data nor source code were accessed or exfiltrated.”

I was just about to post this:
https://www.bleepingcomputer.com/ne...eal-the-hacked-antivirus-vendors-avs-respond/

It seems as though their source code may have been stolen along with the other two vendors. Maybe time to turn off Trend Micro for good.
 
How accurate is this information? Should we disable AiProtection on our routers and Withdraw from the Administration Privacy tab too?
 
Doesn't sound like anyone will admit to being violated, I'll leave it off for a while and see what happens next. New password?
 
Doesn't sound like anyone will admit to being violated, I'll leave it off for a while and see what happens next. New password?

SOP, right! First, don't admit to anything. :)

I have just turned it off for now too. I'll be using a new password pronto.
 
I turned it off and changed my password as well. It’s either overkill, or very necessary. Can’t hurt either way.
 
Thinking out loud about this, could this be related in any way to what @Delusion is experiencing with Diversion Standard and the ongoing dcd crashes?

Nah, probably too far-fetched...

https://www.snbforums.com/threads/diversion-the-router-ad-blocker.48538/page-141#post-490276

I don’t think so, only because the sale of the source code hasn’t taken place yet. Not that the original hackers haven’t poked around, but there are TBs of data to sift through for vulnerabilities. And home routers are much less valuable targets than the corporate sector, which I bet is what they’d be looking to exploit for big money.
 
Hopefully by the time the sale transpires and they figure out the code Trend Micro has a plan to change it up.
How big a code change is this for them do you guess? A major rewrite or simpler? I obviously don't know this stuff.
 
Luckily: “at this time we have seen no indication that any customer data nor source code were accessed or exfiltrated.”
Hm, maybe not:
According to Boguslavskiy, Trend Micro's statement is incorrect.

"As for Trend Micro report regarding source codes, we can provide evidence of the actual files taken (more than 100 MB of the sym files) that the actor had access with over 30TB of source code and everything from TrendMicro," the researcher told BleepingComputer.

Source: BleepingComputer.
 
A new password for what? (Router login? OpenVPN? Something else?)

Why? (Are passwords part of the traffic sent to Trend Micro?)

One would think not. Security paranoia. In all honesty disabling it probably isn’t even necessary, but since there’s a lot of unknowns I decided to play it safe.
 
One would think not. Security paranoia. In all honesty disabling it probably isn’t even necessary, but since there’s a lot of unknowns I decided to play it safe.
Playing it safe is the key. It was time for a new password anyway.
 
TrendMicro disabled means no adaptive QoS, correct?
 
How accurate is this information? Should we disable AiProtection on our routers and Withdraw from the Administration Privacy tab too?
Thanks, done and done. Now using 60 MB RAM instead of 138 MB RAM; seeing as it was doing nothing good, turning off Trend has freed up RAM at least.
 
