IPB

Welcome Guest ( Log In | Register )

 
Closed TopicStart new topic
> Kaspersky USA Download Link = Attack Page???, Really??
Kaspersky User 1...
post 18.10.2010 06:07
Post #1


Advanced Member I
***

Group: Members
Posts: 93
Joined: 27.02.2010
From: United States




USA site's Product Downloads > KIS > 2011 > English(USA/Canada) ***(http://)***(webarh)***(.com)***/z.php?file=kis&lang=en&ver=2011&pn=Downloads+%257C+Product+Updates+%257C+Kaspersky+Internet+Security

This link leads to a 'Reported Attack Page!' warning in Firefox.

EDIT: When the 'ignore this warning' link is clicked, the 'problem loading page' page is shown (Firefox can't establish a connection to the server at 77.78.245.127.)

This post has been edited by Kaspersky User 123: 18.10.2010 06:11
Go to the top of the page
 
+Quote Post
rudger79
post 18.10.2010 07:33
Post #2


Forum Elite
**************

Group: Gold beta testers
Posts: 9102
Joined: 20.10.2008
From: Kodiak USA




Chrome or IE 9, same problem.


--------------------
2015 Beta Test Machine specs: Windows 7 Pro x64 SP1, Real Machine (laptop), 4GB Ram No OEM stuff. My GSI Report Link

________________________________________________________________________________
1.Laptop -
Windows 7 Pro SP 1 x64 4gb - FF latest -
KIS 2015 Beta
2.Desktop -
Windows 7 Pro SP 1 x86 4gb - FF latest - KIS 2014
_______________________________________________________________________

My Kaspersky Account Kaspersky Support Ticket Request to Kaspersky Virus Lab Link to GSI Report Instructions Kaspersky Latest Product Versions
Go to the top of the page
 
+Quote Post
Micha
post 18.10.2010 09:41
Post #3


IT Security Lab Chief Analyst
******

Group: KL Japan
Posts: 726
Joined: 8.04.2005
From: Tokyo




QUOTE(rudger79 @ 18.10.2010 12:33) *
Chrome or IE 9, same problem.


Hello,

Thanks, it should be fixed.

Cheers
Go to the top of the page
 
+Quote Post
rudger79
post 18.10.2010 11:24
Post #4


Forum Elite
**************

Group: Gold beta testers
Posts: 9102
Joined: 20.10.2008
From: Kodiak USA




Firefox - 404 not found
Chrome - Broken link.

Still seems to be an issue, but not reported as attack site.


--------------------
2015 Beta Test Machine specs: Windows 7 Pro x64 SP1, Real Machine (laptop), 4GB Ram No OEM stuff. My GSI Report Link

________________________________________________________________________________
1.Laptop -
Windows 7 Pro SP 1 x64 4gb - FF latest -
KIS 2015 Beta
2.Desktop -
Windows 7 Pro SP 1 x86 4gb - FF latest - KIS 2014
_______________________________________________________________________

My Kaspersky Account Kaspersky Support Ticket Request to Kaspersky Virus Lab Link to GSI Report Instructions Kaspersky Latest Product Versions
Go to the top of the page
 
+Quote Post
white chocolate
post 18.10.2010 12:49
Post #5


Advanced Member I
***

Group: Members
Posts: 173
Joined: 19.08.2009




Same happened to me last night.Scareware attack..trying to pitch a fake antivirus.Tried to close the message window,but then it started to display a phoney window saying i was infected.Closed ie..used task manager to close message window..cleaned temp files..reboot..ran full scan..and ran a full malwarebytes scan..completely clean.HOpefully noone fell for it and downloaded the fake antivirus.Thanks Kaspersky for keeping me safe.


--------------------
KIS 2015 15.0.0.463
Adguard 5.9
Windows 8.1 Pro X64
Go to the top of the page
 
+Quote Post
wcking3
post 18.10.2010 16:43
Post #6


Newbie
*

Group: Members
Posts: 3
Joined: 18.10.2010




I directed my father to Kaspersky last night and he called me back and stated he must have been redirected to a another site and was infected. I remotely took over his computer and found that he was infected with a Malware virus. So, I decided to go to Kaspersky myself at http://usa.kaspersky.com/downloads/product-updates last night, 10/17/10 @ about 8:30 PM Eastern. I clicked the download for the Internet Security product and sure enough I was also redirected to a malware site. Hum, Kaspersky was obviously hacked. About an hour later Kaspersky took their download site offline.

I called Kaspersky this morning and they are denying that this happened. They are stating that I must have went to a phishing site or a site that looks like them. Sorry Kaspersky, I typed the correct URL above and was redirected directly from your web site. I even went to my order email from Kaspersky I purchase 7-months ago. I clicked the download link from that email and sure enough I was redirected to the same malware site. Kaspersky said that email was probably a fake email. Really, because it has all my order information on it and it worked 7-months ago. If that email was a fake, then there are even more concerns.

I searched the web last night and found others having the same issue. See http://answers.yahoo.com/question/index?qi...AAigNK1&r=w

Now, Kaspersky didn't want to help my father and wanted money to help him clean up the infection they caused!!

This post has been edited by wcking3: 18.10.2010 16:59
Go to the top of the page
 
+Quote Post
harlan4096
post 18.10.2010 17:05
Post #7


True legend
***************

Group: Moderators
Posts: 12032
Joined: 22.11.2005
From: Almería (Andalucía, Spain)




Welcome.

My first words are ... no antivirus programs can protect You 100% ...

With the info You gives is very diffcult to say what's really happened ... I'm sure it was not so easy as You say ...

Which Kaspersky product was?. It was updated?. Maybe malware was in the system yet ... there are so many parameters and circunstances ...

Rad this link:

http://forum.kaspersky.com/index.php?showtopic=84003

And generate GSI and AVZ reports.

Regards.


--------------------
On summer holidays but always testing!
KIS 2015 MR1 Testing PC: Real System Windows 8.1 U1 Ent. x86 K HP Compaq nx7400 Intel Core Duo T2400@1,83Ghz K 4GB RAM
KIS4A MR5 Beta Testing devices: Sony Xperia S (JB 4.1.2) K bq Livingstone 3 (JB 4.1.1)


Go to the top of the page
 
+Quote Post
wcking3
post 18.10.2010 17:14
Post #8


Newbie
*

Group: Members
Posts: 3
Joined: 18.10.2010




It was that easy and it happened exactly as I have explained. I have not left any details out, nor have I exaggerated anything. I am not trying to make Kaspersky look bad. I am just stating facts. My father didn't have Kaspersky installed. I wanted him to install Kaspersky as a replacement to Symantec.

You would be right if the Kaspersky web site only redirected his computer. I would be suspicious. But, it also redirected mine and others. I did scan my computer last night as well just to make sure and found nothing. I am running version 11.0.1.400(a.cool.gif with the latest virus definition.
Go to the top of the page
 
+Quote Post
wcking3
post 18.10.2010 18:04
Post #9


Newbie
*

Group: Members
Posts: 3
Joined: 18.10.2010




Yes, my father and I had same issue last night, 10/17/10 @ about 8:30 PM Eastern. You can see my post above this one entitled "Kaspersky was Hacked."
Go to the top of the page
 
+Quote Post
unamuno36
post 18.10.2010 18:20
Post #10


Member
**

Group: Members
Posts: 32
Joined: 16.02.2008
From: London




Yeah, I can confirmed it's Security Tool, the rogue software. I tried it out purposefully under a controlled environment last night and tried out the link from the question in Yahoo Answers and it re-directed me to a page. It then started scanning and saying I have critical infections and prompted me to download a setup file called 'Inst'. I installed the malware installer and yup, it turned out to be Security Tool.



Go to the top of the page
 
+Quote Post
rudger79
post 18.10.2010 18:26
Post #11


Forum Elite
**************

Group: Gold beta testers
Posts: 9102
Joined: 20.10.2008
From: Kodiak USA




Yeah, I see you saw the thread about that problem, it is fixed now. If you follow harlan4096 and post what he requested, the moderators here can assist you and get your fathers PC cleaned. smile.gif


--------------------
2015 Beta Test Machine specs: Windows 7 Pro x64 SP1, Real Machine (laptop), 4GB Ram No OEM stuff. My GSI Report Link

________________________________________________________________________________
1.Laptop -
Windows 7 Pro SP 1 x64 4gb - FF latest -
KIS 2015 Beta
2.Desktop -
Windows 7 Pro SP 1 x86 4gb - FF latest - KIS 2014
_______________________________________________________________________

My Kaspersky Account Kaspersky Support Ticket Request to Kaspersky Virus Lab Link to GSI Report Instructions Kaspersky Latest Product Versions
Go to the top of the page
 
+Quote Post
unamuno36
post 19.10.2010 17:33
Post #12


Member
**

Group: Members
Posts: 32
Joined: 16.02.2008
From: London




Due to the lack of feedback on my previous post by anyone at the forum including moderators I would like your comments on the following sequence of events.

Where are the moderators? Normally I see you guys answering but strangely you're quiet this time. I was the last one posting in that thread and then the two threads merged making it I'm the second last poster now. Did you try not to answer or did you notify to others not to answer so this thread won't be bumped to the top, leaving this thread to drift further and further out of the eyes of others?

You missed the opportunity to set the record straight and I know I wasn't the only person knowing of this rogue software Security Tool that had hacked into your download page. You moderators knew about this at the time.

http://www.calendarofupdates.com/updates/i...showtopic=32851

By the way, I enclosed the MBAM scanning log. You can see the date and time when I did it under the controlled environment.
Attached File(s)
Attached File  mbam_log_2010_10_18__03_08_36_.txt ( 1.16K ) Number of downloads: 19
 
Go to the top of the page
 
+Quote Post
rudger79
post 19.10.2010 19:15
Post #13


Forum Elite
**************

Group: Gold beta testers
Posts: 9102
Joined: 20.10.2008
From: Kodiak USA




@unamuno36,
I guess you missed this: http://forum.kaspersky.com/index.php?s=&am...t&p=1504417 and the posts before it.

As you can see by the posts before it, there was a problem. People here on the forum, including moderators, are not employees of KL but only volunteers so we are not privy to why, whats & wheres of the inter-workings of KL sites and/or problems and decisions, these types of questions are better directed directly to KL corporate.

We can only notify when a problem occurs, which is what happened and it appears that KL took this seriously and the problem was fixed very quickly.

If you are experiencing malware issues, your posts would be better served in the virus section but since you posted the MBAM log here, it will be viewed by the malware fighters and probably moved to the virus and they will direct you further with your issue. smile.gif


--------------------
2015 Beta Test Machine specs: Windows 7 Pro x64 SP1, Real Machine (laptop), 4GB Ram No OEM stuff. My GSI Report Link

________________________________________________________________________________
1.Laptop -
Windows 7 Pro SP 1 x64 4gb - FF latest -
KIS 2015 Beta
2.Desktop -
Windows 7 Pro SP 1 x86 4gb - FF latest - KIS 2014
_______________________________________________________________________

My Kaspersky Account Kaspersky Support Ticket Request to Kaspersky Virus Lab Link to GSI Report Instructions Kaspersky Latest Product Versions
Go to the top of the page
 
+Quote Post
unamuno36
post 19.10.2010 19:38
Post #14


Member
**

Group: Members
Posts: 32
Joined: 16.02.2008
From: London




QUOTE(rudger79 @ 19.10.2010 18:15) *
@unamuno36,
I guess you missed this: http://forum.kaspersky.com/index.php?s=&am...t&p=1504417 and the posts before it.

As you can see by the posts before it, there was a problem. People here on the forum, including moderators, are not employees of KL but only volunteers so we are not privy to why, whats & wheres of the inter-workings of KL sites and/or problems and decisions, these types of questions are better directed directly to KL corporate.

We can only notify when a problem occurs, which is what happened and it appears that KL took this seriously and the problem was fixed very quickly.

If you are experiencing malware issues, your posts would be better served in the virus section but since you posted the MBAM log here, it will be viewed by the malware fighters and probably moved to the virus and they will direct you further with your issue. smile.gif


Thanks for replying.

That link you put out leads straight back into this thread.

Well, there still no moderators replying and I don't see Kaspersky releasing an official statement about it either. You do admit why they don't want to say too much about it because it's embarrassing for them, that cybercriminals managed to hack one of the most respected security vendor's website. Sure they fixed it quickly, what else they could have done otherwise and I'm not an employee of KL either but I still investigated and told what it was.

My computer isn't infected. I purposefully investigated the link and the rogue under a controlled environment. Thanks for putting that out though. I have been using KIS for about 2 years now and I love their products but I was a little disappointed by their actions though.

Anyhow, I respected you replied to my post




Go to the top of the page
 
+Quote Post
stephen
post 19.10.2010 19:52
Post #15


Member
**

Group: Members
Posts: 40
Joined: 8.06.2007
From: UK




Hello.

Any one know why KIS11.0.2.556en.exe has been removed from the following directory:

http://products.kaspersky-labs.com/english/homeuser/kis2011/

I have also checked some of the other languages, and it is also missing from their respective areas.

Thank you for any claification.

Stephen.
Go to the top of the page
 
+Quote Post
dh27564
post 19.10.2010 19:55
Post #16


Posting guru
*************

Group: Members
Posts: 4384
Joined: 6.06.2009
From: KCLE




See post #4. Looks like it's been pulled off the servers for a bit. http://forum.kaspersky.com/index.php?showtopic=189348
Go to the top of the page
 
+Quote Post
gulliver1950
post 19.10.2010 20:36
Post #17


Advanced Member IV
******

Group: Members
Posts: 711
Joined: 11.02.2008
From: TRIESTE (Italia - Italy - Италия)




QUOTE(dh27564 @ 19.10.2010 17:55) *
See post #4. Looks like it's been pulled off the servers for a bit. http://forum.kaspersky.com/index.php?showtopic=189348


It's remaining a mistery...
Go to the top of the page
 
+Quote Post
hcr973
post 19.10.2010 23:25
Post #18


Advanced Member II
****

Group: Gold beta testers
Posts: 273
Joined: 10.05.2007
From: Vancouver BC Canada




http://countermeasures.trendmicro.eu/kaspe...spread-fake-av/
UPDATE: According to a report in ITPro by Jennifer Scott, Kaspersky have been in touch to confirm that their servers were in fact compromised and the redirection was very real. The breach was made by exploiting “a third party app used for site admin”. The malicious redirection was in place for three and a half hours.


--------------------
MS Windows 7 Ultimate SP1; IE 9, Office 2010
Intel® Core™ i5-2500k
RAM16 Gb
Go to the top of the page
 
+Quote Post

Closed TopicStart new topic

 



Lo-Fi Version Time is now: 26.07.2014 19:11