| Malaysian Kaspersky website and shop hacked. Users at risk? |
|
|
|
| Written by Roberto Preatoni | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| Sunday, 20 July 2008 | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
Along with it, the same cracker hacked also the official Kaspersky S.E.S. online shop and its several other subdomains. The attacker reported "patriotism" as the reason behind the attack and "SQL Injection" as the technical way the intrusion was performed. Both websites has been home page defaced as well as several other secondary pages. The incident, though appearing a simple website defacement, might carry along big risks for end-users because from both the websites, evaluation copies of the Kaspersky Antivirus are distributed to the public. In theory, the attacker could have uploaded trojanized versions of the antivirus, infecting in this way the unaware users attempting a download from a trusted Kaspersky's file repository (remember the trojan in the Debian file repository?). The defacement mirror for the Kaspersky official website can be viewed here, while the defacement mirror of the Kaspersky's online shop can be viewed here. Apparently, Kaspersky Labs haven't a good track record in securing their websites as by digging into Zone-H archives we discovered this long list of past incidents:
Total: 41 This long list, should ring an alarm bell to Kaspersky's administrators who should rush, in our opinion, in finding better security policies and implementations that should be applied to all their official and reseller's websites. Nobody really care anymore if a website's homepage gets defaced, but things get different when the compromised server is the one from which security solutions are downloadable by potential customers. Kaspersky's website seems running a custom ASP CMS, time for code review and patching?
Powered by a Zone-H(ified) version of AkoComment 3.0! DISCLAIMER: Forum postings are the opinion of the posting author alone, and should not be taken as the opinion of Zone-h. The author is entirely and solely responsible for all content that he/she uploads, posts, or otherwise transmits via the website. Zone-h is not responsible for such content. However, Zone-h shall have the right, but not the obligation, to delete, move, or edit any content that violates this agreement or is otherwise objectionable as determined by Zone-h in its sole discretion and without notice. |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
The official Malaysian Kaspersky Antivirus's website has been hacked yesterday by a Turkish cracker going by the handle of "m0sted".
| < Prev | Next > |
|---|
