Antivirus firm's tech-support site attacked by hackers

Tuesday, February 17, 2009

A Kaspersky Lab technical support site was breached by hackers late last month, exposing private customer information for 11 days, the Moscow-based security company admitted last week. The company learned of and closed the breach on Feb. 6 after it was notified by the hackers.

"This is not good for any company, especially for a company dealing with security," acknowledged R Schouwenberg, a senior antivirus researcher at Kaspersky, in a conference call last week. "This should not have happened."

The company had revamped the U.S. support site and relaunched it on Jan. 28. From that point until Feb. 6, the support database was open to attack, Schouwenberg said.

The revamped site has now been replaced by the old version.

In a blog post, the hackers claimed that they were able to access a customer database that held e-mail addresses and software-activation codes by launching a SQL injection attack.

Schouwenberg confirmed that the database was hacked via SQL injection, but he contended that only the database's table labels were accessed, not the customer data. However, the e-mail addresses of about 2,400 customers and some 24,000 activation codes were at risk, he noted.

Schouwenberg said the hack was made possible by a combination of vulnerable code crafted by an unnamed third-party vendor and poor code review by Kaspersky.
