Kaspersky Antivirus Flaw Exposed Users to Cross-Site Tracking Online

guest · Aug 15, 2019

Kaspersky Antivirus Flaw Exposed Users to Cross-Site Tracking Online
August 15, 2019
https://thehackernews.com/2019/08/kaspersky-antivirus-online-tracking.html

However, if you're using Kaspersky Antivirus, a vulnerability in the security software had exposed a unique identifier associated with you to every website you visited in the past 4 years, which might have allowed those sites and other third-party services to track you across the web even if you have blocked or erased third-party cookies timely.

The vulnerability, identified as CVE-2019-8286 and discovered by independent security researcher Ronald Eikenberg, resides in the way a URL scanning module integrated into the antivirus software, called Kaspersky URL Advisor, works.

"That's a bad idea because other scripts that run in the context of the website domain can access the HTML code at any time—and thus the injected Kaspersky ID. This means in plain language that any website can simply read the Kaspersky ID of the user and misuse it for tracking," the researcher says.
"The IDs were persistent and did not change after several days. This made it clear that an ID can be permanently assigned to a specific computer."
Click to expand...

"Kaspersky has fixed a security issue (CVE-2019-8286) in its products that could potentially compromise user privacy by using unique product id which was accessible to third parties," the company says in its advisory.
"This issue was classified as User Data disclosure. The attacker has to prepare and deploy a malicious script on the web servers from where he will track the user."
Click to expand...

Buddel · Aug 15, 2019

Kasper-Spy: Kaspersky Anti-Virus puts users at risk

Kaspersky promises security and data protection. However, a data leak allowed third parties to spy on users while they were surfing the web. For years.
Click to expand...

https://www.heise.de/ct/artikel/Kasper-Spy-Kaspersky-Anti-Virus-puts-users-at-risk-4496138.html

Minimalist · Aug 16, 2019

As noted by author removing ID entirely would be even better solution.

guest · Aug 16, 2019

Why people still believe that companies would respect their privacy when money is made from it...

Rasheed187 · Aug 17, 2019

guest said: ↑

Why people still believe that companies would respect their privacy when money is made from it...
Click to expand...

I don't think it was Kasperksy's intention. But that's why it's best not to mess around with URL scanning done by AV's or even extensions.

xxJackxx · Aug 17, 2019

Agreed. I doubt this was intentional. There's also money to be made selling security software which as I have stated in the past you will not get if nobody trusts your product.

guest · Aug 19, 2019

I heard a bug in Kaspersky products could be used for spying. Is that true?
August 19, 2019
https://www.kaspersky.com/blog/tracking-ids-bug/27979/

[...] recently a new case emerged, saying that Kaspersky exposed users to cross-site tracking. We address the flap in this short post.
Is it fixed now?
Yes, we released a patch on June 7, 2019, that addresses this problem. [...] All updated Kaspersky consumer products give all users the same set of identifiers [...]
Why isn’t it a big deal, though?
Sometimes media amplify problems to attract attention. That’s what happened in this case. Theoretically this problem has real potential implications. Here are three of them.

• The first one is what we described above: Marketers could’ve theoretically used those IDs to target people visiting their websites. That said, any profile they could’ve built would’ve been very slim.
• The second is that a malefactor could’ve harvested those addresses and built malware that targets only users of Kaspersky products — and spread it among them.
• The third: A database of website visitors could’ve been used for phishing. That’s the most reasonable implication.
Click to expand...

In any case, no one observed any malicious activity abusing these unique IDs. And now that the problem is fixed, it’s too late for malefactors to jump on that train.
So, yes, “Kaspersky allows spying” is a hyped-up statement. There was a bug that could possibly have allowed some very unlikely tracking from third parties to a very limited extent, but it’s fixed now.
Click to expand...

Log in or Sign up

Kaspersky Antivirus Flaw Exposed Users to Cross-Site Tracking Online

guest Guest

Buddel Registered Member

Minimalist Registered Member

guest Guest

Rasheed187 Registered Member

xxJackxx Registered Member

guest Guest

Log in or Sign up

Kaspersky Antivirus Flaw Exposed Users to Cross-Site Tracking Online

guest Guest

Buddel Registered Member

Minimalist Registered Member

guest Guest

Rasheed187 Registered Member

xxJackxx Registered Member

guest Guest

Useful Searches