The site has been defaced by a Turkish hacker

Jul 21, 2008 12:37 GMT

It has come to light that this past weekend the official Malaysian web page of the internationally renowned security software provider Kaspersky, as well as the S.E.S. online shop web page, were successfully hacked. A Turkish cracker going by the name of "m0sted" compromised both web pages by means of SQL injection. The following message was posted by the attacker: "hacked by m0sted And Amen Kaspersky Shop Hax0red No War Turkish Hacker Thanx to Terrorist Crew all team members." It seems that m0sted resorted to this attack out of patriotism.

One of the functions of the two websites is to provide users with trial versions of Kaspersky Antivirus software. Since the web pages have been hacked, these evaluation copies may pose a security risk. As Zone-H reports, things might have taken a turn for the worse if the attacker had been able to upload "trojanized versions of the antivirus, infecting in this way the unaware users attempting a download from a trusted Kaspersky's file repository." Luckily, this did not occur and users are not in any danger of infection.

Earlier this month we reported that Finjan had discovered over 1,000 trusted sites that had succumbed to SQL injection attacks. The irony in regard to the Kaspersky web page is that anyone who visits the site in order to get security software may end up getting infected instead.

You would think that a security software company as famous as Kaspersky would do a better job of defending its own web pages. According to Zone-H, over the past 8 years, from the beginning of 2000 up to this day, a total of 36 defacement incidents have been recorded in relation to international Kaspersky web pages. The French site, for example, seems to be successfully hacked and consequently defaced pretty much every year or so. On the upside, though, it seems that none of the incidents led to malicious software being uploaded and propagated through these sites.

At the moment kaspersky.com.my is still offline and we can only assume that the Kaspersky team is running a full scan of the site to make sure that they are not spreading any malware. The site is expected to be up and running as soon as possible.