It has been reported that this past weekend, the official Malaysian web page of the internationally renowned security software provider Kaspersky, as well as the S.E.S. online shop web page, have been successfully hacked. A Turkish cracker going by the name of “m0sted” managed to hack the previously mentioned web pages by means of SQL injection. The following message was posted by the attacker: “hacked by m0sted And Amen Kaspersky Shop Hax0red No War Turkish Hacker Thanx to Terrorist Crew all team members.” It seems that m0sted resorted to this attack out of patriotism.
One of the functions of the two websites is to provide users with trial versions of Kaspersky Antivirus software. The thing is that since the web pages have been hacked, these evaluation copies may prove to pose a security risk. Reports says, things go beyond a banal defacement as theoretically the hacker could have uploaded trojanized versions of the antivirus, infecting in this way the unaware users attempting a download from a trusted Kaspersky’s file repository.
You would think that a security software company as famous as Kaspersky would do a better job defending its own web pages. According to the report, over the past 8 years, since the beginning of 2000 up to this day, a total of 36 defacement incidents have been recorded in relation to international Kaspersky web pages. The French site for example seems to be successfully hacked and consequently defaced pretty much every year or so.
At the moment kaspersky.com is still offline and it is only assume that the Kaspersky team is running a full scan of the site to make sure that they are not spreading any malware. The site is expected to be up and running as soon as possible.
Related posts: