Comsecure Details

    Organization Logo

    Comsecure

    Hlolon50 employees • Technology

    https://www.eset.com/il
    Israel

    Industry

    Technology

    Security Incidents

    1

    Comsecure is a technology company primarily focused on providing secure communication solutions and data protection services to businesses and government entities. The organization's main goal is to enhance the security of data exchanges and communication networks, ensuring privacy and safeguarding sensitive information against cyber threats. Comsecure specializes in encrypted communication services, end-to-end secure messaging platforms, and cybersecurity consultancy.

    Founded in the early 2000s, Comsecure has made significant strides in the cybersecurity industry by continuously innovating ...
    Show more

    Security Incidents

    Comsecure Breach of Oct 2024
    Severity Score
    Significant to High

    Type

    Phishing Attack

    Summary

    On October 8, 2024, a cyber attack targeted ESET's exclusive partner in Israel, Comsecure, leading to a phishing campaign aimed at Israeli businesses. The attackers breached Comsecure's email server, allowing fraudulent emails branded with ESET’s logo to be sent from the legitimate eset.co.il domain. These emails falsely pretended to warn recipients of state-backed cyber threats and encouraged them to install a supposed advanced antivirus software named "ESET Unleashed". However, this software was actually a data wiper, maliciously masked to delete files and corrupt partition tables, making da...
    Show more

    Severity

    The breach of ESET's exclusive Israeli partner's email server facilitated a sophisticated phishing campaign that pushed a destructive data wiper, cleverly disguised as legitimate ESET software, to Israeli businesses. Exploiting the ESET branding added credibility, as the phishing emails passed SPF, DKIM, and DMARC checks, camouflaging the attack's malicious intent and targeting unsuspecting victims with geopolitical motivations. The incident is a high-stakes reminder of the potential for chaos by leveraging legitimate identities, reflecting the continued use of data wipers against Israeli orga...
    Show more

    Impact

    The incident involving ESET's exclusive partner in Israel was a sophisticated phishing attack that involved breaching the email server of eset.co.il, operated by ESET's distributor Comsecure. Hackers used this breach to send phishing emails designed to look legitimate, as they originated from authenticated ESET-related domains and contained ESET's logos. The emails promoted a fake antivirus tool called "ESET Unleashed," which, when downloaded, contained a malicious data wiper executable that aimed to destroy data on the victim's computers.

    While no specific customer data was reported to have ...
    Show more

    KEEP YOUR ENVIRONMENT SECURE

    Weak credentials are the leading cause of breaches. Beyond Identity can help.

    See MFA exploits in action
    Watch how adversaries exploit companies in quick videos