// UNCLASSIFIED // CLEARED FOR PUBLIC RELEASE //
FILE BRC-wedgDTG 0600Z
Breach Record

Avast

DISCLOSED 2026-04-14 · MALWARE

Attackers compromised the official JDownloader website and replaced download links with trojanized installers. The malicious installer deploys a Python bot, an r77 rootkit, and a WDAC policy that blocks 50 security executables from running, effectively killing antivirus protection. The attack uses dead-drop resolvers for resilient C2 communication.

The record

What we know

Disclosed
2026-04-14
Attack vector
Malware
Sources

Cited reporting

Similar vector · recent

Other malware breaches on file

This page is the permanent ColdRecon entry for the Avast disclosure. It updates if new public reporting emerges. All tracked breaches →

Avast just lived through this. Your next prospect doesn't have to.

ColdRecon turns every disclosed breach into a daily intelligence brief from the seller's seat — normalized to the factors that move a deal, written in the Handler's voice. Request clearance and the first lands tomorrow at 0600.

Request Clearance →