Hacker Infiltrates Kaspersky U.S. Databases
Source: Tom's Guide US | Keywords: Kaspersky, Hacker, Internet, Security | Themes: The Internet
Kaspersky, the company behind some of the best internet security software on the market, is now having trouble defending itself.
According to hackersblog.org, an unnamed hacker gained access to part of Kaspersky's U.S. operations.
The hacker, who posted on the blog under the name "Unu", gained access to data tables contained within the company's website. While no sensitive information was leaked, the hacker did publish the names of the tables themselves. From activation codes to software bug reports to "best_buy", the assailant supposedly had access to dozens of tables worth of information.
"Kaspersky is one of the leading companies in the security and antivirus market. It seems as though they are not able to secure their own data bases," says "Unu". [This] seems incredible but unfortunately, its true. Alter one of the parameters and you have access to EVERYTHING: users, activation codes, lists of bugs, admins, shop, etc." According to the blog, the intrusion was made possible after an alteration in the SQL code.
While the intrusion may be unsettling, Kaspersky has some light to shed on the matter. "The attack was unsuccessful and, despite their attempts, the hackers were unable to gain access to restricted information stored on the website," said the company in a press release. "As a result of the attack, a vulnerability was found in one section of the usa.kaspersky.com website. Company personnel took immediate action to address the issue, and the vulnerability was closed a short time later."
The press release also claims that reports of the attack being a success are completely untrue. While the images over on HackersBlog look real enough, there is nothing to really push this claim either way. What's most important is Kaspersky fixing the vulnerability, and that no sensitive information regarding customers has been leaked (as far as we know).
-
Previous News Article
Psion Claims "netBook"... -
Next News Article
Forget iPhone, Add Calling to...
well virus scans don't really protect against exploits unless the company also makes firewalls then they have problems. many companies who make virus scans often push other products and packages and before you know it, you have gone from a light weight virus scan, to a bloated all in one that makes your computer feel 15 years older
A SQL injection attack is not something a firewall or AV can stop. It is up to the application to edit the data and/or use SQL features to ensure that the data is not interpreted as a database command.
If the attack wasn't true, they why were they worried, had to fix something that they didn't know was there before, and release a statement to the press about doing so. If they knew it wasn't true, then they wouldn't have worried and there would have been nothing to fix.
They didn't deny the attack, they denied the success of the attack. I am sure Kaspersky finds small holes in their security on some sort of regular basis. A hacker unsuccessfully attempting to exploit one of these holes is not a "successful" attack.
funny how software that you PAY FOR doesnt work worth a DAMN compared to the free stuff.....
Yep, the free programs like Comodo, AVG Antivirus, and ZA Firewall are awesome, and not bloated like some other programs you can buy...
That's why you close your SQL input fields so that commands cannot be entered and executed by the server.
Who is this user "a';DROP TABLE users; SELECT * FROM data WHERE name LIKE '%" anyway?
According to wikipedia, "In July 2008, Kaspersky's Malaysian site was hacked by Turkish hacker going by the handle of "m0sted", who claimed to have used SQL injection." So this isn't a new problem for Kaspersky.
And SQL injection has nothing to do with actual Internet Security Software they make, totally unrelated stuff!
Everything can be stopped...
http://www.fortinet.com/products/f [...] abase.html
AVG, and Zone Alarm both have better full pay to use versions.
Now Zone Alarms free version firewall is great and still has
some decent options for the free version.
On the other hand AVG's free anti-virus i find to be very
lacking to the full version of AVG. I mean I guess some
protection is way better than none, but I like to have full
access to all of the options of a program I have and not just
some.
Does anyone know who this guy is? Am I the only one who suspects he works for a competing company? Such news could really hurt Kaspersky, so I can see the interest another company could have this operation..
The hackers name was "Unu" which I take to mean "you knew". As hellwig pointed out, this exploit was used previously so was there some message in this about Kaspersky knowing something and not taking action.??
I've used kaspersky internet security since version 6 now, and although news like this may be a bit worrying, I still have full confidence in their abilities. I'm sure kaspersky is still one of the best choices when it comes to security software.
From this report this actually looks like a good thing. That is, a hack attempt was made with limited success and another security hole was closed.
I don't think it matters that he gained access to sensitive data on the website. It's the fact that he could hack the site and gain access to the database. It gives the company, who specializes in security, a black eye. As no hacker should ever gain any kind of access to the database. Get it?
@Jokemeister ,
although you might be right about "you knew" the guy is romanian and in romaninan "unu" also means one(as number).
SQL injections happens all the time and my PFSense firewall with snort install does block it. Even though I don't have a SQL server exposed to the Internet. LOL.. It seems just bunch of script kiddies out there trying to find an exploit blindly. Kinda like war-dialing.
SQL Injection is relatively easy to protect with right tools of IPS.
So it just lame excuse from security vendor like kaspersky,