Malaysian Kaspersky Antivirus Website Has Been Hacked In An SQL Injection Attack
According to Zone-h.org, the official Malaysian Kaspersky Antivirus website has been hacked yesterday by a Turkish cracker. Along with it, the same cracker hacked the official Kaspersky online shop and its several other subdomains. The attacker reported “patriotism” as the reason behind the attack. It seems that SQL injection was the technical way the intrusion was performed.
Both websites has been home page defaced as well as several other secondary pages. The incident, though appearing a simple website defacement, might carry along big risks for end-users because from both the websites, evaluation copies of the Kaspersky Antivirus are distributed to the public. In theory, the attacker could have uploaded trojan-infected versions of the antivirus, infecting in this way the unaware users attempting a download from a trusted Kaspersky’s file repository.
According to Zone-h’s archive, since 2000 there have been 36 web site defacements of international Kaspersky sites, with Kaspersky’s French site getting hacked numerous times during the last few years. There was no malicious software served in those accidents but it seems like an ongoing trend related to web site defacements.
There’s no indication of a malware attack at the site and it seems that users are not at risk in this case. Nevertheless, the attack should be taken very seriously since it could result in a situation where a security vendor’s site is infecting its visitors with malware. Kaspersky.com.my remains offline, presumably in an attempt to audit the site for web application vulnerabilities before putting it back online.
More on CyberInsecure:
Leave a Reply
Comments with unsolicited links to other resources will be marked as spam. DO NOT leave links in comments. Please leave your real email, it wont be published.