What will happen when nod32.com domain will be hijacked? I talk about this theoretically but it is quite important. For example someone successfully hijacked nod32.com domain (it is possible - read about recent hijacked google.de and ebay.de). Attacker make fake update.ver pointing to his fake update files. Users will download fake updates and AV will be screaming with tons of false positives or worse new AV code will be executed in kernel context... Any comments?