Have you heard about Kaspersky Labs? Head’s up because there is a new security flaw in Kaspersky antivirus that is allowing hackers to spy on users online which could put millions of people at risk!
How Was This Flaw Found?
A German journalist, Ronald Eikenberg, began testing antivirus software for a magazine article in Germany for a publication that was going to be coming out this past March. A few months after his initial testing he discovered in the HTML source code of a website that he was visiting there was some code being injected (a JavaScript script) into webpages while using the Kaspersky antivirus software.
He described this discovery as if Kaspersky was looking for ways to interact with websites on users’ computers without requiring an installation of a browser extension. This led him to wonder if they were spying on the user’s systems and lead to cyberattacks.
Eikenberg stated that in order to be able to insert the script that the Kaspersky software is analyzing the user’s web traffic including SSL-encrypted connections which is a huge security and privacy issue in itself. This simply means that Kaspersky now has knowledge of all the websites that the users are visiting which can even include users in corporate networks.
What is Kaspersky Doing About This Flaw?
Eikenberg reported all of this to Kaspersky and waited to hear back what steps they were taking to resolve this. Eikenberg received this response from Kaspersky that explains:
“Kaspersky has changed the process of checking web pages for malicious activity by removing the usage of unique identifiers for the GET requests. This change was made after Ronald Eikenberg reported to us that using unique identifiers for the GET requests can potentially lead to the disclosure of a user’s personal information.
After our internal research, we have concluded that such scenarios of user’s privacy compromise are theoretically possible but are unlikely to be carried out in practice, due to their complexity and low profitability for cybercriminals. Nevertheless, we are constantly working on improving our technologies and products, resulting in a change in this process.
We’d like to thank Ronald Eikenberg for reporting this to us.”
What Should I Do?
As you can see this can be very alarming and you need to take head and do what you can on your part. It’s definitely clear that Kaspersky was tracking browsing habits across browser, even through private mode and VPNs. If you haven’t already done so, please remove Kaspersky completely and do a thorough review of what plugins you have installed in the browser. These plugins could be leaking your information without you even knowing it. However, Kaspersky was previously compromised by the FSB (former Russian KGB, basically their equivalent of our CIA and FBI together). Due to all of this, we recommend to completely remove Kaspersky’s software.
How Can Triada Networks Assist?
Wondering if your network security is fully protecting your business from a leak like this one? Triada Networks offers a free consultation with a free security report card to see how you are doing and provide suggestions to prevent breaches. Don’t let a leak like this cause your networks to be hacked and important information leaked, schedule your free consultation online or by calling us at 201-297-7778.
Resources:
Su, Jeb. (2019, August). Warning: A Security Flaw in Kaspersky AntiVirus Lets Hackers Spy Users Online, Millions At Risk”. Forbes Magazine.Retrieved from https://www.forbes.com/sites/jeanbaptiste/2019/08/16/warning-a-security-flaw-in-kaspersky-antivirus-lets-hackers-spy-users-online-millions-at-risk/#5f2ffa33ba34
