The U.S. Web site of Russian antivirus vendor Kaspersky Lab was hacked over the weekend, exposing the company's customer database. But Kaspersky denies any data was compromised and says the vulnerability wasn't critical.
An unidentified hacker reported over the weekend that he was able to access a complete profile of the company's databases, revealing its clients' names, activation codes, a list of bugs the company tracks, and client e-mail addresses.
The hacker claims to have hacked Kaspersky's databases using an SQL injection attack, which exploits a vulnerability in an application's database layer.
The method has become a popular means to gain information via Web-facing applications or as a way to use popular Web sites to spread malicious software.
Microsoft's U.K. Web site came under a similar attack in 2007 when hackers used an SQL injection to inject HTML code that seemingly defaced its Web pages.
The Kaspersky hacker, who published findings on Hackersblog.org, has since said that confidential data will not be released.
The "Kaspersky team doesn't need to worry about us spreading their confidential stuff. Our staff will never save or keep any confidential data. We just point our fingers to big Web sites with security problems," the hacker reported.
Kaspersky has admitted that a subsection of its USA.Kaspersky.com domain was vulnerable on Saturday when a hacker "attempted an attack on the site."
"The site was only vulnerable for a very brief period, and upon detection of the vulnerability we immediately took action to roll back the subsection of the site and the vulnerability was eliminated within 30 minutes of detection. The vulnerability wasn't critical and no data was compromised from the site," a company representative said in a statement.
Liam Tung of ZDNet Australia reports from Sydney.