Doctor Web resumed virus database updates after the attack on its infrastructure

September 18, 2024

Now that the dangerous situation involving the attack on Doctor Web's infrastructure has been resolved successfully, we're happy to bring you up to speed on the latest developments and present the security incident's complete timeline.

The attack on our infrastructure began on Saturday, September 14, 2024.

We were monitoring it closely and maintained control over the situation.

On September 16, 2024, Doctor Web’s information security team detected signs of unauthorised interference with our IT infrastructure.

Following established security policies, we disconnected all our servers from the network and initiated comprehensive security diagnostics. To analyse and eliminate the incident's consequences, we implemented a series of measures, including the use of Dr.Web FixIt! for Linux. The gathered data allowed our security experts to successfully isolate the threat and ensure that our customers remained unaffected by it.

September 16, 6:30 GMT

In accordance with our security policy, we temporarily disconnected certain nodes in Doctor Web's infrastructure from the Internet to perform additional checks. This resulted in a short-term interruption in the availability of Dr.Web virus database updates.

September 17, 13:30 GMT

Dr.Web virus database updates resumed in full. None of Doctor Web’s customers have been affected by the incident.

We continue to adhere to the highest information security standards and promptly take whatever measures are necessary to ensure the stable operation of all our systems and services.