Kaspersky Customer Database Hacked :-O

Discussion in 'other security issues & news' started by hawki, Feb 8, 2009.

Thread Status:
Not open for further replies.
  1. hawki

    hawki Registered Member

    Joined:
    Dec 17, 2008
    Posts:
    1,957
    Location:
    DC Metro Area
  2. icr

    icr Registered Member

    Joined:
    Sep 6, 2008
    Posts:
    1,588
    Location:
    Mumbai
    Hope it gets fixed soon:doubt:
     
  3. risl

    risl Registered Member

    Joined:
    Dec 8, 2006
    Posts:
    581
    Quite embarassing if it's true
     
  4. lodore

    lodore Registered Member

    Joined:
    Jun 22, 2006
    Posts:
    9,006
    im surprised there isnt any posts on the KL forum.
    at least i cant find one.
    this is really bad if true but can happern to any company.
     
  5. hawki

    hawki Registered Member

    Joined:
    Dec 17, 2008
    Posts:
    1,957
    Location:
    DC Metro Area
    ,
    Gunter Ollmann, the chief security strategist at IBM Internet Security Systems, is certainly in no doubt over the seriousness of the claim, warning "...this type of critical flaw can probably be used to usurp legitimate purchases and renewals of their products - which could include the linking to malicious and backdoored versions of their software - thereby infecting those very same customers that were seeking protection from malware in the first place."

    http://www.daniweb.com/blogs/entry3943.html
     
  6. firzen771

    firzen771 Registered Member

    Joined:
    Oct 29, 2007
    Posts:
    4,815
    Location:
    Canada
    Well this doesnt sound good, hopefully they get things fixed up quick
     
  7. virtumonde

    virtumonde Registered Member

    Joined:
    Jan 18, 2008
    Posts:
    501
    I don't care about the license,did they get emails and passwords of accounts ?
    This sucks
     
  8. fce

    fce Registered Member

    Joined:
    May 20, 2007
    Posts:
    758
    yeah it can happen to any company.....but not like kaspersky!
     
  9. hawki

    hawki Registered Member

    Joined:
    Dec 17, 2008
    Posts:
    1,957
    Location:
    DC Metro Area
    The "white hat" hacking blog where this was first reported by the successful hacker has an extensive list of the tables available to the hacker. (a link to that site and the original blog post is given in the Register article in the OP)

    In that blog post there are several screen shots. One shot shows the following tables:ID, username, email, passwd, homepage, last seen, activated.....
     
  10. andyman35

    andyman35 Registered Member

    Joined:
    Nov 2, 2007
    Posts:
    2,336
    You're not kidding it is :eek: it hardly breeds confidence that they can protect your system,if they can't even keep their own data safe.:rolleyes:
     
  11. virtumonde

    virtumonde Registered Member

    Joined:
    Jan 18, 2008
    Posts:
    501
    Thanks.I noticed it now.I'm gonna have a busy Sunday :) .
     
  12. oliverjia

    oliverjia Registered Member

    Joined:
    Jul 21, 2005
    Posts:
    1,517
    Good luck to kaspersky customers..
    they need to change their passwords at least.
     
  13. Baz_kasp

    Baz_kasp Registered Member

    Joined:
    May 1, 2008
    Posts:
    593
    Location:
    London
    We have two screenshots and some hype curtosey of el reg as they do with any story. Apart from that they are not claiming to have any solid proof or facts of a breach of personal data.

    If a breach has occured I am sure Kaspersky will issue a statement in due course.

    Thirdly if a breach has occured I wouldn't be completely surprised....even the most powerful secret services and biggest security vendors in the world have website defaced/breached at some point. Although very embarrasing and potentially damaging I doubt anyone can claim to be invulnerable to attack.
     
  14. C.S.J

    C.S.J Massive Poster

    Joined:
    Oct 16, 2006
    Posts:
    5,029
    Location:
    this forum is biased!
    if true, lets just hope they get it fixed and sorted as quickly as possible.

    i aint a user of Kaspersky, but nobody can be happy this has happened, unless your about 5 years old on some powertrip to create shock n awe to the competition. :rolleyes:

    sure its embarressing 'if' it has happened, but im sure it really could happen to any of them, and id be pretty peed off if it happened to me.

    so, hope the Kaspersky guys sort it all out soon :)
     
  15. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    As someone said, it could happen to any other security vendor. But, AFAIK, this is the second time someone hacks into Kaspersky. Not so long ago, a hacker managed to get into their Malasian's affliate.

    Isn't 1 time enough? Does it need to happen a 3rd time?

    This only brings bad publicity to a security vendor. After all, if owning a company and wanting to protect my systems and data, would I trust in a security vendor, that cannot protect their own? This would lead me to reconsider...

    I just hope Kaspersky won't let it go to a third strike.


    Regards
     
  16. thathagat

    thathagat Guest

    so true.........
     
  17. virtumonde

    virtumonde Registered Member

    Joined:
    Jan 18, 2008
    Posts:
    501
    It's not about this really.During time Hackers managed to enter more "secured "places than kasperky web page.
    I want to see what will kapersky do about this.
     
  18. lodore

    lodore Registered Member

    Joined:
    Jun 22, 2006
    Posts:
    9,006
    hey,
    i have never got why the "whitehats" report about this and show evidence.
    why not contact kaspersky directly and get it sorted out first?
    surely that would minimize any data leaking out?
     
  19. fax

    fax Registered Member

    Joined:
    May 30, 2005
    Posts:
    3,731
    Location:
    localhost
    :thumb: IMO not a very professional White Hat....:rolleyes:

    Fax
     
  20. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,057
    Location:
    North Carolina
    yes, it is a shame.:cautious:
     
  21. dawgg

    dawgg Registered Member

    Joined:
    Jun 18, 2006
    Posts:
    817
    How does a breach on the website have anything to do with the protection abilities of the software? o_O
     
  22. Coolio10

    Coolio10 Registered Member

    Joined:
    Sep 1, 2006
    Posts:
    1,124
    I don't think its as bad as it seems. I do not believe you can change the cabinet password or username, unless i haven't found the option yet. The username and passwords are made up of just a random bunch of numbers. Sure the hackers would get emails but its not as bad as the phpbb forums hack where people got passwords/usernames/emails stolen.
     
  23. dawgg

    dawgg Registered Member

    Joined:
    Jun 18, 2006
    Posts:
    817
    I'm sure KL doesnt intend for it to happen ;)
     
  24. hawki

    hawki Registered Member

    Joined:
    Dec 17, 2008
    Posts:
    1,957
    Location:
    DC Metro Area
    It does in the sense that if a security company has not exercised the level of care and competence necessary to protect its own website and customer data can it be expected to do any better in designing and maintaining its software programs.

    .
     
  25. thathagat

    thathagat Guest

    um mm....it seems kaspersky is so busy protecting others that they forgot to protect themselves.......
     
Loading...
Thread Status:
Not open for further replies.