Protecting over 200 million PCs, Macs, & Mobiles – more than any other antivirus


May 26th, 2014

AVAST forum offline due to attack

The AVAST forum is currently offline and will remain so for a brief period. It was hacked over this past weekend and user nicknames, user names, email addresses and hashed (one-way encrypted) passwords were compromised. Even though the passwords were hashed, it could be possible for a sophisticated thief to derive many of the passwords. If you use the same password and user names to log into any other sites, please change those passwords immediately. Once our forum is back online, all users will be required to set new passwords as the compromised passwords will no longer work.

This issue only affects our community-support forum. Less than 0.2% of our 200 million users were affected. No payment, license, or financial systems or other data was compromised.

We are now rebuilding the forum and moving it to a different software platform. When it returns, it will be faster and more secure. This forum for many years has been hosted on a third-party software platform and how the attacker breached the forum is not yet known. However, we do believe that the attack just occurred and we detected it essentially immediately.

We realize that it is serious to have these usernames stolen and regret the concern and inconvenience it causes you. However, this is an isolated third-party system and your sensitive data remains secure.

Sincerely,

Vince Steckler

CEO AVAST Software

  • MikeBCda

    Any word yet on roughly when we can expect the forum to be back up and running (probably with new IP and maybe URL)? The “brief period” referred to by Mr. Steckler has now been something like a month, including the week or so after the outage before he posted a copy of his above notice to the forum’s home-page URL. Many of us are now “flying blind”, so to speak … among other things, the Updates topic beat the heck out of any equivalent site or utility available. Many thanks, and best.

  • cavehomme

    Are you guys serious security professionals? I think that you are, but several weeks without the forum is now raising some very serious questions about Avast’s own internal security procedures. Incorrectly blaming another vendor for your problems is not only bad form, it reflects very badly upon the company.

    Avast has a great track record, but in the past one year it has noticeably worsened in product quality and detection rates – we are not talking about the same here, but to my eyes it appears there is a systematic problem(s) at Avast and connected with the new owners / new ways of working.

    I wish you good fortune in resolving these issues and getting back on track, as well as improving detection levels and product quality.

  • cavehomme

    I think that you guys are serious security professionals, but several weeks without the forum is now raising some very serious questions about Avast’s own internal security procedures. Incorrectly blaming another vendor for your problems is not only bad form, it reflects very badly upon the company.

    Avast has a great track record, but in the past one year it has noticeably worsened in product quality and detection rates – we are not talking about the same here, but to my eyes it appears there is a systematic problem(s) at Avast and connected with the new owners / new ways of working.

    I wish you good fortune in resolving these issues and getting back on track, as well as improving detection levels and product quality.

  • cavehomme

    @cavehomme

    Please remove this post, placed here in error.

  • Pingback: Avast Forum Taken Offline, Watch Dogs Launch Plagued and eBay Breach Affecting ~145MM and more.. | Resolutions MSP

  • Pingback: کۆمپانیایەکی ئەنتی ڤایرۆس هاککرا | ماڵپه‌ڕی فه‌رمی کۆمیته‌ی سویسرا