VIDEO: Flaw in Antivirus Program Allowed Hackers to Steal Passwords

  • 0_1452875673874_VIDEO-_Flaw_in_Antivirus_Program_Allowed_Hackers_to_Steal_Passwords-_IT_Rewind_Episode_63-1.jpg

    Watch the video!

    Flaws in Trend Micro's antivirus program left user login names and passwords extremely vulnerable. Meanwhile, eBay has patched a security vulnerability that was leaving customer credentials exposed. To hear more, just click play!


    Hey everyone welcome back for another episode of IT Rewind. This week, a Google researcher discovered that flaws in Trend Micro’s antivirus product allowed for remote code execution by any website which left user passwords vulnerable. You’ll hear about this story and more right now on IT Rewind!

    When you think of antivirus programs, you think of protecting your systems, right? Well, recently Tavis Ormandy, a well-known Google security researcher found that bugs in Trend Micro’s antivirus software was leaving users passwords extremely vulnerable. Since the discovery, Trend Micro has released an automatic update that fixes the issue. Still, in the emails that Ormandy exchanged with the security firm, it was clear that Trend Micro wasn’t moving fast enough to fix the issue. In one of the released emails, Ormany said quote, “…This means anyone on the internet can steal all of your passwords completely silently, as well as execute arbitrary code with zero user interaction. I really hope the gravity of this is clear to you, because I’m astonished about this.” End quote. The issue was in the password manager of the antivirus product, which was written in java script and opened up HTTP remote procedure call ports to handle API’s. Users could elect to export their passwords to it. Ormandy quickly found an API that allowed him to access passwords stored in the manager.

    eBay has patched a vulnerability that could have exposed customer credentials. The cross-site scripting vulnerability left millions of users open to the threat of spear phishing attacks, which would have allowed cybercriminals to access credentials and potentially steal funds. The vulnerability involved the main domain and has been described as farily basic. The researcher who discovered the vulnerability was able to mirror eBay’s login page, which gave users an error when they tried to log in. However, it also revealed the username and password that the user attempted to enter. The researcher claims that eBay only fixed the issue after the media contacted them about it, even though he had brought it to their attention a month earlier.

    Before we go I’m excited to announce that registration for Navigate 2016 is now officially open. Make sure to book your tickets to this years user conference right here in Boston, Mass! Head over to to register.

    That’s all the time that we have for this week’s episode of IT Rewind, As always, read the full stories that we covered today and other tech stories by clicking on the links below.

    Of course, you can always find us on Twitter, Instagram and Vine at FollowContinuum. We’re also on Facebook, LinkedIn, Spiceworks, YouTube and Periscope

    Take it easy.

  • That's a pretty serious Trend Micro fail!!

  • Yeah, Security Now reported the report on this on Tuesday, I've busy and forgot to post about how everyone should probably bail on Trendmicro - they don't seem to care about their customers.

  • That's about as bad as it gets.

  • I wonder which TM products it was for. I use OfficeScan 11 and don't know of any feature that allows you to import your passwords from a browser.

  • The issues was in the built in password manager.

  • Is that a stand-alone product?

  • @wrx7m said:

    Is that a stand-alone product?

    Please reread the text above, or watch the linked video.

Log in to reply