Kaspersky Download Site Spreads Fake AV?

Several reports in Kaspersky user forums seem to indicate that the security software manufacturer was recently compromised by cybercriminals trying to punt fake security software.

Fake anti virus software is most often spread through booby-trapped web pages, designed to show up high in search results for popular or newsworthy terms; for example recently people searching for information about the Stuxnet malware were targeted. This is a technique so established that TrendLabs have been able to develop automated tools to proactively monitor and block these pages as they appear. If true, this compromise of a legitimate download site, particularly a security vendor could represent an important new change of tactics by the scareware pushers.

Kaspersky users in three separate forums; Calendar of Updates, YahooAnswers and Kaspersky’s own Kaspersky Lab forum have complained that links to download Kaspersky’s home user security software from their USA download site were redirecting them to a malicious web page pushing fake AV known as Security Tool. One user posted the below screen capture:


According to forum posts Kaspersky have stated that there was no compromise of their servers. Somewhat incongruous then is the post by one forum user going by the handle of Micha, who appears to come from Kaspersky Lab in Japan according to his profile. He posted the following:

Thanks, it should be fixed.

Security vendors have often been the target of both malicious and mischievous hackers and without fail, honesty and transparency have always been the best policy in the aftermath of such an event.

SHARETweet about this on TwitterShare on LinkedInShare on FacebookShare on Google+Pin on PinterestDigg thisShare on RedditShare on TumblrShare on StumbleUponEmail this to someone

As Solutions Architect for Trend Micro, Rik Ferguson interacts with CIOs from a wide variety of blue chip enterprises, government institutions, law enforcement organisations. Recognised as an industry thought leader and analyst, Rik is regularly quoted by the press on issues surrounding Information Security, Cybercrime and technology futures. With over 15 years experience in the IT Industry with companies such as EDS, McAfee and Xerox Rik’s broad experience enables him to have a clear insight into the challenges and issues facings businesses today.