← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
IOC - Threat Bulletin: Critical eScan Supply Chain Compromise
WHITE celestre 2026-01-30 Modified: 2026-03-01
17
IOCs
MEDIUM VOLUME
On January 20, 2026, Morphisec identified an active supply chain compromise affecting MicroWorld Technologies’ eScan antivirus product. Malicious updates were distributed through eScan’s legitimate update infrastructure, resulting in the deployment of multi-stage malware to enterprise and consumer endpoints globally.
sha256trojanizedcomponenthashesadditionalvirustotalcodecertificatemicroworldcommand
Indicators of Compromise (3 / 17 total)
All FileHash-MD5 FileHash-SHA1 FileHash-SHA256 URL domain hostname
TYPEINDICATORDESCRIPTIONCREATED
FileHash-MD5 350b82fa70888eee712fb08fed90a14d MD5 of 386a16926aff225abc31f73e8e040ac0c53fb093e7daf3fbd6903c157d88958c 2026-01-30
FileHash-MD5 8c96e393be264bce1789a93b59cb6853 MD5 of bec369597633eac7cc27a698288e4ae8d12bdd9b01946e73a28e1423b17252b1 2026-01-30
FileHash-MD5 b6373e6f0e6dcd2fbe8cb437a3130ac1 MD5 of 674943387cc7e0fd18d0d6278e6e4f7a0f3059ee6ef94e0976fae6954ffd40dd 2026-01-30
References (1)
↗ https://www.morphisec.com/blog/critical-escan-threat-bulletin/