Kaspersky download site hacked, redirected users to fake AV

By on October 20, 2010, 1:37 PM
Russian-based Kaspersky recently fell victim to the cyber criminals it tries to protect users against. The security firm, known for its solid anti-virus software, had its website compromised by hackers. As a result, users trying to download Kaspersky's software were instead redirected to a malicious website which encouraged them to download fake antivirus software. Kaspersky users complained on the company's forum, though the company at first denied there had been any problems.

Kaspersky eventually confirmed an attack had hit the site on Sunday, exploiting a vulnerability in a third party app used for the website's administration. The company claimed the redirection to the fake antivirus only lasted three and a half hours, and 10 minutes after the company was notified, the affected server was taken offline.

"Currently the server is secure and fully back online, and Kaspersky products are available for download," Kaspersky told IT PRO. "Kaspersky Lab also wants to confirm that no individual's details were compromised from the company's web servers during this attack. Kaspersky Lab takes any attempt to compromise its security seriously. Our researchers are currently working on identifying any possible consequences of the attack for affected users, and are available to provide help to remove the fake antivirus software."





User Comments: 18

Got something to say? Post a comment
treeski treeski said:

That's... kind of funny... but mostly just messed up. A security firm should be the last to get successfully hacked

Kibaruk Kibaruk, TechSpot Paladin, said:

Third party software or not, still the bad juju for them.

HaMsTeYr HaMsTeYr said:

Wow. I'm using Kaspersky PURE atm... thats going to be a hit on their rep for consumers everywhere.

Guest said:

Maybe Kaspersky did it to themselves and then provide the solution ~sarcastic comment

lawfer, TechSpot Paladin, said:

Lol, life doesn't get any more ironic than this.

TomSEA TomSEA, TechSpot Chancellor, said:

Oops - that's pretty embarrassing for them. Wonder who they ticked off?

NeoFlux said:

Worst thing is not that they got hacked. Worst thing is that they deny it.

Guest said:

They should have used Avira to protect their site.

:P

license27kill license27kill said:

it's funny NOD32 has to bring this up.. lol.. lmao

PanicX PanicX, TechSpot Ambassador, said:

The value of intrusion detection for a security firm should now be obvious to them. Waiting to have a compromised server reported to them by end users is really not the best approach.

JMMD JMMD, TechSpot Chancellor, said:

Happens to many, many sites and there are tons more than are vulnerable. People really need to start taking this stuff seriously.

Guest said:

I prefer my malware shaken not stirred. From Russia with love. Udachi.

Guest said:

Kaspersky challenge hackers with their software which is obvious why they are targeted by them. Just because other sites dont get hacked, like NOD32 or Avira - it doesn't mean they have better security.

I'm sure they will learn from this attack and fix the hole. No one can guarantee you 100% hacker proof since hacking is evolving everyday.

Guest said:

**** Kaspersky, I am shifting to AVG free antivirus. I spend 10minutes every month to find a working KEY for KAS, and they can't even protect themselves, what will they protect me. AVG here i come :)

Guest said:

Are you sure it wasn't on Monday? That's the day my Malwarebytes software kept picking up attempts to connect to bogus addresses and yes, it kept happening for 3 or 4 hours. Malwarebytes is almost always totally inactive so I was wondering what was going on.

Ahmed90 Ahmed90 said:

web site hacking have nothing to do with how strong there AV

its a totally different system web server and web pages and applications

not windows viruses and malwares

even Microsoft got attacked sometimes and got a viruses waves attacked them

Benny26 Benny26, TechSpot Paladin, said:

lol.. Gotta love ironey.

Guest said:

http://www.bleepingcomputer.com/virus-removal/remove-tdss-t
l3-alureon-rootkit-using-tdsskiller

they pissed off the guys that created this ^ virus.

Load all comments...

Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.