back to article Compromise turns Kaspersky site into malware hub

The US website for anti-virus provider Kaspersky was caught pushing malware to its users for three and a half hours on Sunday after it was compromised by criminal hackers. The attack first came to light on three separate user forums frequented by Kaspersky users. According to some of the posts, Kaspersky officials initially …

COMMENTS

This topic is closed for new posts.
  1. BillG
    FAIL

    Dumb and Dumber

    McAfee and Kaspersky - both security firms that can't keep their house in order, neither of which will ever get a recommend from me to clients.

    1. multipharious

      What's Left?

      Aside from using VMs for browsing, doing the constant snapshot maintenance (before the session), and restoring to known good. Sandboxing is not as secure as I thought so I switched over.

      If you have some tips, I would love to hear them. (Sarah? How do you all do research? VMs?)

      1. Anonymous Coward
        Anonymous Coward

        Re : What's Left?

        Linux

        1. multipharious

          Using Ubuntu 10.04

          I put my primary browser machine in a VM for a further level of abstraction and do the "maintain/snap/restore" thing. I use Windows plus AV in my home network but I am also involved in Open Source projects. Primarily I am using Linux and Unix for work, and stay in the CLI most of the time.

          The higher the adoption rate of any system or browser, the more attention it will gain from people interested in pwning those systems, and like all the other Ubuntu users I watch the security updates roll out from Canonical on a regular basis. Let's not mention this: http://www.theregister.co.uk/2010/09/15/linux_kernel_regression_bug/

          Humans write Linux.

          1. R Callan

            Not Using Ubuntu 10.04

            The use of an alternative OS is not the be all and end all, But, using an alternative to I.E. and then customising it to look unlike any other person's browser might help. If a screen pops up that is not in your choice of browser or look (colour schemes, furniture etc.), it might help to alert people to the fact that they might not be where they think they are. If I was to get a screen that was default Win XP IE I would be very amused.

            Disclaimer: I use a distro of Linux (not xBuntu) usually with FF that has been customised to my liking.

            1. Chemist

              "alternative OS is not the be all and end all"

              Whilst I agree with you in principle can you quote an example of Linux being compromised by just browsing ?

              (I know that if you were mad enough to download and install an executable and then run it you could be in trouble but they'd still not own the machine.)

  2. Aaron Em

    No surprise

    Given how poor their products are, that is...

  3. Anonymous Coward
    Happy

    Kaspersky

    Kaspersky has always been overblown with bullshit, they needed a bitch slapping.

    Well played on the bad guys part on this one.

  4. Anonymous Coward
    Coat

    "The US website for anti-virus provider Kaspersky was caught pushing malware to its users..."

    So, business as usual, then?

  5. David Eddleman

    Ouch

    I didn't know some of these things about Kaspersky. Nevertheless, I've never really liked it as a feasible product. It sounds too fishy to me. But they have a track record far worse than McAfee!

  6. Neal 5

    Still,

    more entertaining than a full house of false positives and re-format re-install, for no reason.

  7. Anonymous Coward
    FAIL

    Krapspersky

    That's what we call it in our office. We must lose several hours a week due to its intrusive scheduled scan which makes compiling any code completely painful.

  8. Magnus_Pym

    How come...

    Their US website was compromised but the others around the world were not? Where the US admins less competent?

    1. Anonymous Coward
      Grenade

      Re: How come...

      Eugene ordered the American sysadmins to go and rescue the infected machine but they inadvertantly blew it up.

      Hand grenade icon because...... well, do I really need to explain?

  9. Velv
    FAIL

    AV Download

    "become infected only if they fell for the ruse and clicked on links to download and install the malicious software"

    FAIL...

    ...given the main reason people are likely to be visiting the site is to, er, let's guess, download and install AV.

  10. Anonymous Coward
    Thumb Down

    Over zealous

    In my experience Kaspersky has been the most over zealous in flagging legitimate software as virus infected. They have been reasonably good at correcting the situation but it's caused a lot of support and investigative effort for the company I work for, plus 'panic' for our users.

    False-flagging can occur with any AV software but Kaspersky seems to produce more than others.

  11. Anonymous Coward
    FAIL

    Excellent...

    The world of AV Software vendors can be divided into two groups, those already exposed as morons and those about to be exposed as morons. If you're bored, would like a laugh, and have an hour to kill, then Google the keywords: Symantec Sucks.

This topic is closed for new posts.

Biting the hand that feeds IT © 1998–2022