Kaspersky site hacked to exposed sensitive data

I can just imagine the howls of laughter and high fives (virtual ones of course) that must have been going on as hackers managed to crack the security of Kaspersky’s website this weekend. Apparently the breach cut deep into the company’s database and provided access to customer information, activation codes, product bug lists and other admin related information.

The hacker claiming responsibility posted a screenshot of the hack along with other details about the SQL injection scheme used to gain access. According to The Register several well known security experts have looked at the information and while Kaspersky isn’t saying much at this point the experts agree that the breach looks legitimate.

“This looks very real to me,” Thomas Ptacek, a researcher at security provider Matasano said via instant message a few hours after the post went live. He pointed to the address bar of one screenshot that showed usa.kaspersky.com along with the text “concat_ws(0x3a,ver” to the right of that. “It’s a URL that is being used to alter the database request that’s used to generate the page,” he added. “One of them can be tricked into pulling arbitrary data from the database. Game over.”

Roger Thompson, chief research officer at competing anti-virus provider AVG concurred. “/me feels sorry for Kaspersky,” he wrote to El Reg. “Can’t tell for certain, but it looks legit.”

Source: The Register

All I can say is that it’s bad enough to be hacked but to be a major security company and being hacked has to suck big time.