Search the Community

Hacker reported vulnerability in Kaspersky website; Demonstrated malware spreading technique The cyber Security Analyst 'Ebrahim Hegazy' (@Zigoo0) Consultant at Q-CERT has found an "Unvalidated Redirection Vulnerability" in the website of the giant security solutions vendor "Kaspersky". Ebrahim, who found a SQL Injection in "Avira" website last month, this time he found a Unvalidated Redirection Vulnerability that could be exploited for various purposes such as: Cloned websites (Phishing pages) It could also be used by Black Hats for Malware spreading In the specific case what is very striking is that the link usable for the attacks is originated by a security firm like Kaspersky with serious consequences. Would you trust a link from your security vendor? Absolutely Yes! But imagine your security vendor is asking you to download a malware! To explain how dangerous the situation is when your security vendor is vulnerable, Ebrahim Hegazy sent me a video explaining the malware spreading scenario to simulate a Black Hat's exploiting Unvalidated Redirection Vulnerability in Kaspersky website to serve a malware. explained Ebrahim Hegazy.After the researcher reported the vulnerability to Kaspersky team, it took about 2 months to fix the vulnerability, it is really a long time considering that if a hacker had found this flaw before Hagazy he could spread links using Kaspersky.com. The consequences of unfixing of such vulnerability are critical Wide infection - since the redirection is coming from a trusted source especially if the attacker registered a domain name similar to Kaspersky.com Very bad reputation for Kaspersky company. Your most trusted resource "Your Antivirus" will be your worst enemy! Would you trust anything else! And many other consequences. The vulnerability was reported to Kaspersky web-team and is now fixed. Via: Hacker reported vulnerability in Kaspersky website; Demonstrated malware spreading technique - The Hacker News