The US website for anti-virus provider Kaspersky was caught pushing malware to its users for three and a half hours on Sunday after it was compromised by criminal hackers. The attack first came to light on three separate user forums frequented by Kaspersky users. According to some of the posts, Kaspersky officials initially …
Dumb and Dumber
McAfee and Kaspersky - both security firms that can't keep their house in order, neither of which will ever get a recommend from me to clients.
Aside from using VMs for browsing, doing the constant snapshot maintenance (before the session), and restoring to known good. Sandboxing is not as secure as I thought so I switched over.
If you have some tips, I would love to hear them. (Sarah? How do you all do research? VMs?)
Re: What's Left?
Using Ubuntu 10.04
I put my primary browser machine in a VM for a further level of abstraction and do the "maintain/snap/restore" thing. I use Windows plus AV in my home network but I am also involved in Open Source projects. Primarily I am using Linux and Unix for work, and stay in the CLI most of the time.
The higher the adoption rate of any system or browser, the more attention it will gain from people interested in pwning those systems, and like all the other Ubuntu users I watch the security updates roll out from Canonical on a regular basis. Let's not mention this: http://www.theregister.co.uk/2010/09/15/linux_kernel_regression_bug/
Humans write Linux.
Not Using Ubuntu 10.04
The use of an alternative OS is not the be all and end all, but using an alternative to I.E. and then customising it to look unlike any other person's browser might help. If a screen pops up that is not in your choice of browser or look (colour schemes, furniture etc.), it might help to alert people to the fact that they might not be where they think they are. If I was to get a screen that was default Win XP IE I would be very amused.
Disclaimer: I use a distro of Linux (not xBuntu) usually with FF that has been customised to my liking.
"alternative OS is not the be all and end all"
Whilst I agree with you in principle, can you quote an example of Linux being compromised by just browsing?
(I know that if you were mad enough to download and install an executable and then run it you could be in trouble but they'd still not own the machine.)
Given how poor their products are, that is...
Kaspersky has always been overblown with bullshit, they needed a bitch slapping.
Well played on the bad guys part on this one.
"The US website for anti-virus provider Kaspersky was caught pushing malware to its users..."
So, business as usual, then?
I didn't know some of these things about Kaspersky. Nevertheless, I've never really liked it as a feasible product. It sounds too fishy to me. But they have a track record far worse than McAfee!
more entertaining than a full house of false positives and re-format re-install, for no reason.
That's what we call it in our office. We must lose several hours a week due to its intrusive scheduled scan which makes compiling any code completely painful.
Their US website was compromised but the others around the world were not? Were the US admins less competent?
Re: How come...
Eugene ordered the American sysadmins to go and rescue the infected machine but they inadvertently blew it up.
Hand grenade icon because...... well, do I really need to explain?
"become infected only if they fell for the ruse and clicked on links to download and install the malicious software"
...given the main reason people are likely to be visiting the site is to, er, let's guess, download and install AV.
In my experience Kaspersky has been the most overzealous in flagging legitimate software as virus infected. They have been reasonably good at correcting the situation but it's caused a lot of support and investigative effort for the company I work for, plus 'panic' for our users.
False-flagging can occur with any AV software but Kaspersky seems to produce more than others.
The world of AV Software vendors can be divided into two groups, those already exposed as morons and those about to be exposed as morons. If you're bored, would like a laugh, and have an hour to kill, then Google the keywords: Symantec Sucks.