Peaches Posted December 15, 2009 Report Share Posted December 15, 2009 Two Official Kaspersky Websites HackedCustomer info and product keys exposedBy Lucian Constantin, Web News Editor10th of December 2009 A grey hat hacker has found a critical SQL injection weakness on the official Kaspersky Lab websites in Malaysia and Singapore. Exploiting the vulnerability leads to full compromise of the underlying database, which contains customer information, product keys and other sensitive data. The attack has been documented by a Romanian hacker calling himself "Unu" ("one" or "someone" in Romanian). The self-confessed security enthusiast specializes in finding SQL injection vulnerabilities on high-profile websites belonging to well known IT companies, antivirus vendors, banks, media outlets or public institutions.Unu's rise to fame on the Internet ironically began in February 2009, when he hacked Kaspersky Lab's U.S. support site and gained access to the customer database. Following that highly publicized incident, Kaspersky hired world-renowned database security expert David Litchfield to perform an audit on all websites run by the company. Story & screenshots at Softpedia - http://news.softpedi...ed-129420.shtml Quote Link to post Share on other sites
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.