Kaspersky Customer Database Hacked :-O

But teams developing and testing software and doing QC have nothing to do with the teams who looks after the customer/web side of things (webmasters etc)... different people, different software used, different design, different requirements and oh yeah... one's a program and the other one's a website... programs and websites are designed/created/built up totally differently, a website can look really nice, but the software can be really crap and vice-versa.

 

Gotta admit, he's got a point........

 

It's the perception it gives especially when it was customers' private data at risk and they'd already suffered a similar incident months ago.You think that makes people more likely to choose their security products?

 

Umm... Kaspersky has server products, wouldn't one assume that the servers maintaining the database(s) of user information - even if for the website - were being protected by Kaspersky's server line of products?

Having said that, youre right in that this may have NOTHING to do with the Kaspersky software itself (and I don't believe it does). For all we know a new DB may have been setup with a default password, letting someone get in from the outside. Or "x" web software had a vulnerability that was exploited, etc. Too many variables. However, perception is also pretty important. I can see other enterprise sales reps salivating now... "Oh, you have Kaspersky? The company that got hacked twice in the past year? Take a look at our product..."

 

SQL injection is stated in the Reg article.

 

Kaspersky Statement:

"On Saturday, February 7, 2009, a vulnerability was detected on a subsection of the usa.kaspersky.com domain when a hacker attempted an attack on the site. The site was only vulnerable for a very brief period, and upon detection of the vulnerability we immediately took action to roll back the subsection of the site and the vulnerability was eliminated within 30 minutes of detection. The vulnerability wasn't critical and no data was compromised from the site."

http://www.thetechherald.com/article.php/200906/2910/Kaspersky-USA-suffers-SQL-Injection-attack

 

thats great news

 

Definatly bad PR and gives a bad reputation - I'm not denying/defending that and totally agree with you here. I was simply saying that this case doesnt mean the products are flawed as some posters here questioned.

Yes you're right, although the main way to prevent SQL injections is by patching software, antimalware/security software does not do this because SQL injection attacks are on the web-side rather than needing to hack a computer/server, so as with most SQL injections, all the information is already available online, unauthorised users are just not able to get to it. Even the so called SQL firewalls provide very limitted help. Patching software and servers is the only solution.

Most Security software for servers/enterprises are antimalware (file, web, mail), antispam and firewalls rather than patching SQL servers.

 

Good to hear, just and reminds me about the security of the web - how many breaches are there throughout the internet which havent been publicized and we dont know about?

Understandably we worry about the safety of our computers, but just because our computers are secure, doesnt mean our ID and information is also safe - take Monster.com being hacked a few weeks ago as an example, people's information available to hackers instead of just activation codes, email addresses, bugs etc... Its a dangerous World(-Wide-Web) out there folks!

 

And I agree with you in that it doesn't stand to reason that KIS,etc. must be rubbish because of this incident,however that may well be the conclusion some people draw from it unfortunately.

 

so it's true.

but the way Dan Goodin reported it, it's look like Kaspersky sensitive database was exposed by hackers.

i guess Kaspersky is doing "damage control" with that statement.

 

Didn't trust Kaspersky and never will. They are constantly lying to their customers. Their US box shots with the comparative tables on the back are a load of crock.

We tend to forget that it doesn't depend how dependable the product is, but how dependable the company is.

Btw.. what are the laws in Russia to penalize companies against such things ?

 

Kasperksy said the vulnerability was fixed within 30 min upon detection. OK I was just wondering what happened BEFORE the intrusion was detected? How did they know NO data was compromised from the site?
I don't hate Kaspersky in anyway, I just wonder, techniquely how did you tell if the data was compromised or not after an hacker intrusion?

 

Hopefully they have some server security logs that they can do some forensics on. They probaly will found out what was stolen, but the question is will they tell us when they do. The laws in Russia dont require them to. Its still the wild west as far as IT goes.

 

Enough folks, ok. Geez

Dont you just think it might do them more harm to issue a statement like that only to find out later it wasnt true. I am confident they are telling the truth because they have a lot more to lose otherwise. It happens, ok. And I can promise you it wont be the last. So, I would pick my words carefully because next time it may be your vendor. Kaspersky is one of the largest vendors out there and most hacked. I feel pretty sure their defenses are better then most, but all have a crack or two.

Anyway, it is bad, but they will do what is right to fix it. Now lighten up...

 

I don't think it looks good at all. I have no way of knowing their defenses are better than most just because they are big. People are free to take it as they want..

 

.

Kaspersky hacker claims Kaspersky's statement is not true!!!!


Kaspersky hacker: database exposed for days


"....here's the part Kaspersky leaves out. According to an admin named Tocsixu at the site that exposed the breach, the hacker who originally discovered the vulnerability did so days earlier and only went public after getting no response from more discreet communiques with Kaspersky employees.

"I have sent emails to info@kaspersky.com, forum@kaspersky.com, and webmaster@kaspersky.com warning Kasperky [sic] about the problem but I didn't get any response," Unu, the hacker, said in an email. "After some time, still having no response from Kaspersky, I have published the article on hackersblog.org regarding the vulnerability."

Tocsixu also took issue with the characterization that the data wasn't actually compromised or that it wasn't critical."


more here:

http://www.theregister.co.uk/2009/02/09/kaspersky_compromise_follow_up/

.

 

Then I will shut up and if true, Kaspersky should be totally ashamed.

 

No matter what the actual truth is,this site is full of members that seem to "knock" Kaspersky at every opportunity,so even if what Kaspersky say is the truth lots wont believe them,and like an earlier poster has said,who knows if other security companies haven't been compromised and just not reported OR paid the hacker off to stay quiet?(some of these guys DO do it to make money!)

 

Looks like bitdefender fell victim to a similar attack today by the same group. Trend had their virus encyclopedia serving people malware. F-secure had their forum hacked, Symantec database was victim of same attack last October except there was no big news story (wonder why).... I can go on

I won't post any links incase I am accused of being a shill and trying to divert attention for the gazillionth time.

 

thanks Baz. Like I said, it can happen to anyone. I am just curious as to if what the others vendors stated when it happened, is exactly what occured or not.

Anyway, it is still a very good product and chit happens.

 

there is always 3 sides to any story:-the hackers,who will claim they did more than they actually did(gets them kudos/notoriety within there circle!)Kasperky,who will claim they did less than they actually did(damage limitation!)and somewhere in the middle,the truth!

just a thought:-may be a good idea for posters to remove what set-up they are using to protect there PCs from their profiles,why give thees hackers any info they could possibly use with info they may have stolen from any of the security companies!!

 

...and maybe US protectionism, behind all that
for conspiracy in the mood anyone?

 

Wow if that's true this takes it up a whole level from carelessness to deception and gross negligence.

 

like I said 3 sides to every story!:-the hacker wants the kudos so is making things out to be worse than what probably did happen,if he only wanted to point out this problem why did he feel it necessary to access and compromise data??and as I said earlier,lots of Kaspersky knockers on here who will be getting off on this!
I think all hackers if identified should be tried and if guilty jailed:-we've got one in the UK who accessed US defence computers who was caught and is now trying every trick in the book to avoid being deported to the US for trial.his lawyer now claims he would be at risk of suicide if he was deported:-its a game to them ,until they get caught and have to pay the piper!