Avast - April 23, 2024 https://decoded.avast.io/janrubin/g...for-distributing-backdoors-and-casual-mining/ Long article; read there more.
Wow, very sneaky and sophisticated attack. But clearly the MitM was done by some malware that was already running on the system, which means that eScan wasn't able to spot this malware. So that's why you should always deploy a seperate behavior blocker/EDR that augments the AV. On the other hand, eScan would be a trusted process, so this means that you should deploy a zero trust behavior blocker, I don't know if this exists at the moment.
