kaspersky2010

Kaspersky USA Download Link = Attack Page???

18 posts in this topic

USA site's Product Downloads > KIS > 2011 > English(USA/Canada)

***(http://)***(webarh)***(.com)***/z.php?file=kis〈=en&ver=2011&pn=Downloads+%257C+Product+Updates+%257C+Kaspersky+Internet+Security

 

This link leads to a 'Reported Attack Page!' warning in Firefox.

 

EDIT: When the 'ignore this warning' link is clicked, the 'problem loading page' page is shown (Firefox can't establish a connection to the server at 77.78.245.127.)

Edited by Kaspersky User 123

Share this post


Link to post
Share on other sites
Chrome or IE 9, same problem.

 

Hello,

 

Thanks, it should be fixed.

 

Cheers

Share this post


Link to post
Share on other sites

Firefox - 404 not found

Chrome - Broken link.

 

Still seems to be an issue, but not reported as attack site.

Share this post


Link to post
Share on other sites

Same happened to me last night.Scareware attack..trying to pitch a fake antivirus.Tried to close the message window,but then it started to display a phoney window saying i was infected.Closed ie..used task manager to close message window..cleaned temp files..reboot..ran full scan..and ran a full malwarebytes scan..completely clean.HOpefully noone fell for it and downloaded the fake antivirus.Thanks Kaspersky for keeping me safe.

Share this post


Link to post
Share on other sites

I directed my father to Kaspersky last night and he called me back and stated he must have been redirected to a another site and was infected. I remotely took over his computer and found that he was infected with a Malware virus. So, I decided to go to Kaspersky myself at http://usa.kaspersky.com/downloads/product-updates last night, 10/17/10 @ about 8:30 PM Eastern. I clicked the download for the Internet Security product and sure enough I was also redirected to a malware site. Hum, Kaspersky was obviously hacked. About an hour later Kaspersky took their download site offline.

 

I called Kaspersky this morning and they are denying that this happened. They are stating that I must have went to a phishing site or a site that looks like them. Sorry Kaspersky, I typed the correct URL above and was redirected directly from your web site. I even went to my order email from Kaspersky I purchase 7-months ago. I clicked the download link from that email and sure enough I was redirected to the same malware site. Kaspersky said that email was probably a fake email. Really, because it has all my order information on it and it worked 7-months ago. If that email was a fake, then there are even more concerns.

 

I searched the web last night and found others having the same issue. See http://answers.yahoo.com/question/index?qi...AAigNK1&r=w

 

Now, Kaspersky didn't want to help my father and wanted money to help him clean up the infection they caused!!

Edited by wcking3

Share this post


Link to post
Share on other sites

Welcome.

 

My first words are ... no antivirus programs can protect You 100% ...

 

With the info You gives is very diffcult to say what's really happened ... I'm sure it was not so easy as You say ...

 

Which Kaspersky product was?. It was updated?. Maybe malware was in the system yet ... there are so many parameters and circunstances ...

 

Rad this link:

 

http://forum.kaspersky.com/index.php?showtopic=84003

 

And generate GSI and AVZ reports.

 

Regards.

 

Share this post


Link to post
Share on other sites

It was that easy and it happened exactly as I have explained. I have not left any details out, nor have I exaggerated anything. I am not trying to make Kaspersky look bad. I am just stating facts. My father didn't have Kaspersky installed. I wanted him to install Kaspersky as a replacement to Symantec.

 

You would be right if the Kaspersky web site only redirected his computer. I would be suspicious. But, it also redirected mine and others. I did scan my computer last night as well just to make sure and found nothing. I am running version 11.0.1.400(a.B) with the latest virus definition.

Share this post


Link to post
Share on other sites

Yes, my father and I had same issue last night, 10/17/10 @ about 8:30 PM Eastern. You can see my post above this one entitled "Kaspersky was Hacked."

Share this post


Link to post
Share on other sites

Yeah, I can confirmed it's Security Tool, the rogue software. I tried it out purposefully under a controlled environment last night and tried out the link from the question in Yahoo Answers and it re-directed me to a page. It then started scanning and saying I have critical infections and prompted me to download a setup file called 'Inst'. I installed the malware installer and yup, it turned out to be Security Tool.

 

 

 

 

Share this post


Link to post
Share on other sites

Yeah, I see you saw the thread about that problem, it is fixed now. If you follow harlan4096 and post what he requested, the moderators here can assist you and get your fathers PC cleaned. :)

Share this post


Link to post
Share on other sites

Due to the lack of feedback on my previous post by anyone at the forum including moderators I would like your comments on the following sequence of events.

 

Where are the moderators? Normally I see you guys answering but strangely you're quiet this time. I was the last one posting in that thread and then the two threads merged making it I'm the second last poster now. Did you try not to answer or did you notify to others not to answer so this thread won't be bumped to the top, leaving this thread to drift further and further out of the eyes of others?

 

You missed the opportunity to set the record straight and I know I wasn't the only person knowing of this rogue software Security Tool that had hacked into your download page. You moderators knew about this at the time.

 

http://www.calendarofupdates.com/updates/i...showtopic=32851

 

By the way, I enclosed the MBAM scanning log. You can see the date and time when I did it under the controlled environment.

mbam_log_2010_10_18__03_08_36_.txt

Share this post


Link to post
Share on other sites

@unamuno36,

I guess you missed this: http://forum.kaspersky.com/index.php?s=&am...t&p=1504417 and the posts before it.

 

As you can see by the posts before it, there was a problem. People here on the forum, including moderators, are not employees of KL but only volunteers so we are not privy to why, whats & wheres of the inter-workings of KL sites and/or problems and decisions, these types of questions are better directed directly to KL corporate.

 

We can only notify when a problem occurs, which is what happened and it appears that KL took this seriously and the problem was fixed very quickly.

 

If you are experiencing malware issues, your posts would be better served in the virus section but since you posted the MBAM log here, it will be viewed by the malware fighters and probably moved to the virus and they will direct you further with your issue. :)

Share this post


Link to post
Share on other sites
@unamuno36,

I guess you missed this: http://forum.kaspersky.com/index.php?s=&am...t&p=1504417 and the posts before it.

 

As you can see by the posts before it, there was a problem. People here on the forum, including moderators, are not employees of KL but only volunteers so we are not privy to why, whats & wheres of the inter-workings of KL sites and/or problems and decisions, these types of questions are better directed directly to KL corporate.

 

We can only notify when a problem occurs, which is what happened and it appears that KL took this seriously and the problem was fixed very quickly.

 

If you are experiencing malware issues, your posts would be better served in the virus section but since you posted the MBAM log here, it will be viewed by the malware fighters and probably moved to the virus and they will direct you further with your issue. :)

 

Thanks for replying.

 

That link you put out leads straight back into this thread.

 

Well, there still no moderators replying and I don't see Kaspersky releasing an official statement about it either. You do admit why they don't want to say too much about it because it's embarrassing for them, that cybercriminals managed to hack one of the most respected security vendor's website. Sure they fixed it quickly, what else they could have done otherwise and I'm not an employee of KL either but I still investigated and told what it was.

 

My computer isn't infected. I purposefully investigated the link and the rogue under a controlled environment. Thanks for putting that out though. I have been using KIS for about 2 years now and I love their products but I was a little disappointed by their actions though.

 

Anyhow, I respected you replied to my post

 

 

 

 

 

Share this post


Link to post
Share on other sites

http://countermeasures.trendmicro.eu/kaspe...spread-fake-av/

UPDATE: According to a report in ITPro by Jennifer Scott, Kaspersky have been in touch to confirm that their servers were in fact compromised and the redirection was very real. The breach was made by exploiting “a third party app used for site admin”. The malicious redirection was in place for three and a half hours.

 

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.