Kaspersky's software might protect you against nasties on the desktop - but it doesn't seem to have done the same for the company's own servers.
A cracker by the name of “unu” has claimed that the website of anti-virus vendor Kaspersky is wide open to attack from SQL injection – and that it's possible to get a complete copy of the site's database containing personal information on the company and its customers.
As reported by The Register on Sunday, the digital miscreant – who posted the results of his attack to the website Hackers Blog – claims that a simple manipulation of the URL on the usa.kaspersky.com domain allowed for complete access to the back-end database.
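As an added illustration (not code from the article, from Kaspersky, or from the poster), this shows why a URL parameter pasted straight into a query can expose an entire table while a bound parameter cannot; the `licenses` table, its rows and the lookup functions are all constructed here for the demonstration:

```python
import sqlite3

# Constructed sample rows standing in for a licence/activation table.
# This is a hypothetical schema, not Kaspersky's real one.
SAMPLE_ROWS = [
    (1, "KAV-0001", "alice@example.com"),
    (2, "KAV-0002", "bob@example.com"),
    (3, "KIS-0003", "carol@example.com"),
]

def make_db() -> sqlite3.Connection:
    """Build an in-memory database holding the constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE licenses (id INTEGER, code TEXT, email TEXT)")
    conn.executemany("INSERT INTO licenses VALUES (?, ?, ?)", SAMPLE_ROWS)
    return conn

def lookup_vulnerable(conn: sqlite3.Connection, code: str) -> list:
    """Builds the SQL by string concatenation: the URL parameter becomes part of
    the query text, so a quote in the input changes the query's structure."""
    sql = "SELECT id, code, email FROM licenses WHERE code = '" + code + "'"
    return conn.execute(sql).fetchall()

def lookup_parameterized(conn: sqlite3.Connection, code: str) -> list:
    """Passes the parameter separately: the driver binds it as a value, never as SQL,
    so the same input simply fails to match any row."""
    sql = "SELECT id, code, email FROM licenses WHERE code = ?"
    return conn.execute(sql, (code,)).fetchall()

def compare(param: str) -> tuple:
    """Return (rows from the vulnerable lookup, rows from the parameterized lookup)
    for one value of the URL parameter."""
    conn = make_db()
    return len(lookup_vulnerable(conn, param)), len(lookup_parameterized(conn, param))

if __name__ == "__main__":
    print(compare("KAV-0001"))        # (1, 1): a normal lookup behaves the same either way
    print(compare("x' OR '1'='1"))    # (3, 0): concatenation leaks every row, binding leaks none
```

The second call is the textbook input: for the concatenated query the `WHERE` clause becomes a tautology and the whole table comes back, which is exactly the kind of full-database exposure the article describes.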
With screenshots to back up his claims, it certainly looks like Kaspersky might have an embarrassing failure to secure its website – made worse by the fact that the company offers a range of security products designed to detect and prevent this sort of intrusion on their customers' servers.
The data at risk includes user information for customers of Kaspersky, details on the company's financials including lists of on-line sales, all support tickets registered on the system – both internal and external – and a list of every activation code the company has ever issued for its products. However, it is not thought that customers' financial data – including credit card details – is stored on the same system.
The flaw is made doubly urgent as it is possible – although not yet confirmed – that a cracker using the information posted on the Hackers Blog site could plant malware in Kaspersky's website: IBM's chief security strategist Gunter Ollman worries that “this type of critical flaw could probably be used to usurp legitimate purchases and renewals of [Kaspersky's] products – which could include the linking to malicious and backdoored versions of their software.”
Kaspersky has yet to issue a statement on the claimed attack, except to say that it would be looking into the issue as a matter of urgency.
Is this the worst possible advert for the efficacy of Kaspersky's security solutions, or does it simply reveal an embarrassing lack of routine security maintenance at the firm? Share your thoughts over in the forums.
10 Comments
Why use SQL any more anyway for important stuff? Too insecure. I guess someone is going to get fired at K's office today.
Illiteracy at its best :D ouch! :p
I've always wondered what AV programs AV developers use on their own systems.
Surely most of them don't use their own ones, as most of them are beyond poor. *looks at Symantec*
You have probably used AVG before, right? AVG uses Kaspersky's scanning engine. Kaspersky is actually very popular and widely used.