[Updated] Kaspersky Lab hacked: another sign of the losing war against hackers?

Oh great, this is all we need. Kaspersky Lab, a big antivirus software company, has been hacked, according to the Register. That seems to be the conclusion based on evidence posted on HackersBlog yesterday.

The hacker apparently launched a simple attack (SQL injection) that gave access to a database containing “users, activation codes, lists of bugs, admins, shop, etc.” Dan Goodin at the Register reports that this kind of attack has happened a few dozen times at Kaspersky since 2000.

That’s pretty bad PR for Kaspersky, whose job it is to protect us all from malicious hackers. If they can’t keep their own data safe and secure, are you going to trust them with yours? That’s always been the case in the antivirus and security software industry. Hackers love to embarrass the people who are out to stop them in their tracks.

[update] A Kaspersky spokesman sent the following comment:

On Saturday, February 7, 2009, a vulnerability was detected on a subsection of the usa.kaspersky.com domain when a hacker attempted an attack on the site. The site was only vulnerable for a very brief period, and upon detection of the vulnerability we immediately took action to roll back the subsection of the site and the vulnerability was eliminated within 30 minutes of detection. The vulnerability wasn’t critical and no data was compromised from the site.

Kaspersky’s site says it protects more than 250 million users worldwide. The company was founded in 1997. The company frequently warns of Internet-related dangers; in this release, it notes that one in every 50 Internet sites is infected with malicious code.

The larger problem isn’t that Kaspersky got hacked. It’s just happening to everybody. [Update 2, Monday AM] The company’s support site was exposed for about ten days to this vulnerability, Kaspersky said in a call today. Roel Schouwenberg, senior anti-virus researcher at Kaspersky, said honestly that this will hurt the reputation of the company and it will do everything it can to protect itself. He said that the company partnered with an external vendor who custom-developed some code for the company. The vulnerability was in that external vendor’s code. The company said it has hired outside help to investigate the matter.

About the Author, Dean Takahashi

Dean is lead writer for GamesBeat at VentureBeat. He covers video games, security, chips and a variety of other subjects. Dean previously worked at the San Jose Mercury News, the Wall Street Journal, the Red Herring, the Los Angeles Times, the Orange County Register and the Dallas Times Herald. He is the author of two books, Opening the Xbox and the Xbox 360 Uncloaked. Follow him on Twitter at @deantak, and follow VentureBeat on Twitter at @venturebeat.

  • tdadd
    "The vulnerability wasn’t critical and no data was compromised from the site."
    ... hahah, how pathetic
  • If you search for any antivirus software using Shareminer.com or Phazeddl.com, you'll see that there are many cracked versions of these antivirus products floating around the internet. If hackers can crack antivirus software, then that antivirus is not reliable. Hackers are always one step ahead of these companies.
  • Pas: That's really another issue entirely. Cracking software is different because you are provided with a binary that you can modify. I believe computer science can "prove" that all software is crackable, and anything that makes it "uncrackable" is just obfuscation.

    This is much different than software defects that allow pathological input to alter program execution.

    The fact that Kaspersky AV can be hacked and their update server fooled isn't a big deal. The fact that they hired a bunch of idiot contractors who wrote vulnerable code is, though.