Jump to content
xisto Community
Lyon2

Kaspersky Web Site Hacked With Sql Injection Yes, they thought they were the best, think again

Recommended Posts

Trust me, Kaspersky isn't the only website to get hit like this, *bottom* many other websites have been defaced or deleted over time. As for sales I highly doubt it since hacking a website verusus hacking a computer are two different things and you have to remember Kaspersky HQ is in the heartland of hackerland since it is based out of Russia. Odds are they have staff that have been on both sides of the track and so I would think their actual computers would be a lot safer then their website.

Although that is true, But Kaspersky are one of the most popular company's out there along with AVG, Nortan, Macafee I see well known but not the best Anti-Virus tools out there!
This will still be a big scare for all Kaspersky members and users.

Share this post


Link to post
Share on other sites

OK first off I do not even know that company so there is no way this would be bias. You guys who think in anyway their security of a website relates to how well their desktop product works is totally wrong. How do you know they did not pay some other company to develop and test their website? That company could of miss sanitizing post or get variables. It may not even be the whole company likely it was one person who missed it or was too lazy to test. Don't be so closed minded in your way thinking people. Your logic is flawed. Don't you think that company would be too busy working on their own products and have some other people build their website?

Share this post


Link to post
Share on other sites

Well that's kind of stupid you are paying for another companies products when you are a security company making them bigger also you kind of saying that your own products can't do there job properly and keep there site safe.

Share this post


Link to post
Share on other sites

xpress, it is not a fact, it is a possibility, a possibility that low resources security products do not do their job quite well as others that consume more computer resources because they just do not scan all that they should.

 

You see, when an antivirus takes more resources then the other, it is because it is scanning byte by byte, which takes resources, a lot if not well managed by algorithms and trust control technology and management, avira should be doing a low consuming method which should be the scanning of only infectable files, not all files, and the free edtion of both avira and avg do not have much to scan, they are limited because they are free editions.

Back when i was using Windows XP, the reason why i picked Avira over AVG was because the motherboard of that computer could only hold 512mbs of RAM on it (which i maxed out) and because Avira was the only company i could find that gave away a free edition of their anti-virus scanner that used little resources while committing automatic scanning in the background. With AVG i had to manually tell it to scan my computer. It's been a long time since i've had to deal with a virus scanner, but the free version of AVG still doesn't seem to support automatic, background scanning.

 

Now the computer i'm running has 4gigs of RAM (i can't remember the maximum, but it's either 8gigs or 16gigs), and since it runs Linux, both memory management and viruses is not a problem.

 

Well that's kind of stupid you are paying for another companies products when you are a security company making them bigger also you kind of saying that your own products can't do there job properly and keep there site safe.

Not necessarily. Unless Kaspersky has their own SQL program that scans for SQL injection vulnerability, then i don't see it a problem if they don't eat their own dog food.

Share this post


Link to post
Share on other sites

I've heard about this incident a few days ago. As far as I know they have traced the attackers to a few IP's in my country (Romania). But they where "professional" hackers, wanting not material gains, but to become famous. I know that after they've discovered the security problem they've written to Kaspersky and gave them an hour to fix the vulnerability and when they didn't get a reply they did the hacking. But nothing vital was compromised - like personal information, credit card information, etc. At least that's what Kaspersky's said... Anyway it's not good for their imagine, as a security company, to get their website hacked by (I'm sure) some students with a lot of spare time. They should hire those guys!

Share this post


Link to post
Share on other sites

Professional as in "The Greek Security team" That hacked every thing they could see on the internet and was all over the news in the UK :s.

Share this post


Link to post
Share on other sites

im guessing why i got a dll file on all my computers that were protected by kaspersky it attacked my lsass.exe file and i believe it became unsuable so i had to reboot my windows xp pro once again, but now i got 3 virus protecting softwares each one for each think kaspersky for everything, other 2 are for helping at start up, it helps so that no start up items are edited withugh a password and a approval. Just to make sure that dont happen again. For now all i worry is about prottection if it cant happen then ill switch to linux. Mac sux (no offence but i hate it.)

Share this post


Link to post
Share on other sites

im guessing why i got a dll file on all my computers that were protected by kaspersky it attacked my lsass.exe file and i believe it became unsuable so i had to reboot my windows xp pro once again, but now i got 3 virus protecting softwares each one for each think kaspersky for everything, other 2 are for helping at start up, it helps so that no start up items are edited withugh a password and a approval. Just to make sure that dont happen again. For now all i worry is about prottection if it cant happen then ill switch to linux.Mac sux (no offence but i hate it.)


There are many out there that say you have a virus when you don't some of the best I have seen is AVG and Avast. I have been using Avast for many years and no problems with it. Maybe you should change over to Avast like me.

Share this post


Link to post
Share on other sites

quote name='Lyon2' date='Feb 10 2009, 11:36 AM' post='432453']
News Title: Kaspersky Web Site Hacked With SQL Injection

When: The last weekend it seems, read the hackersblog topic because it has more intel on this, a lot more...

Sources:
http://forums.xisto.com/no_longer_exists/
http://forums.xisto.com/no_longer_exists/
https://www.security-audit.com/blog/



I have 2 reasons for sharing this news, first, kaspersky security products are not the best, not by bar, but they do clam it and say it out loud as i seen and talk about this in many occasions with my closest friends, and how can they be if they can not even protect their own server, databases and their tables.

If you use one of kaspersky products, you might want to think again on what you are using, this things can not happen to security products websites, specially one that is in the leading as kaspersky is, or i should say, it was.

Read the full story on one of the links above, in the meantime, read this to spice your apetite:




What do you think about this?
Is this an acceptable think to happen o companies like this nowadays?
Do you use kaspersky? Do you feel unsecure now? Are you having second thoughts about keep using or start using kaspersky?


I do still think they are one of the best when it comes to securing your computer, but again their website was hacked, not any of the main frame computers they use to develop their software. So yeah, these things happen. THis is defintley not good for their business in any sense because now people will look and say, "Why should I give my money to a company that can't even secure their own server."

I will still be using their software, but if they ever come with a website anti-hacking device... I will not be using it :D

Share this post


Link to post
Share on other sites

I will still be using their software, but if they ever come with a website anti-hacking device... I will not be using it :D

By the way your typing the code for the script is a fail, Why keep on using it though there are many out there which are a lot better than than O.o Check out some reviews on downlods.com :P.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×
×
  • Create New...

Important Information

Terms of Use | Privacy Policy | Guidelines | We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.