Major anti-virus company hacked

Kommando.com ^ | 6-11-15 | Kim Kommando

[TurboZamboni]

Cybersecurity firm Kaspersky Lab announced that it has detected an intrusion into its own systems, and you'll never believe who the company thinks is behind it. CEO Eugene Kaspersky claims a nation-state hacked into his company's network in order to steal information about its technologies. The unidentified hackers exploited security flaws in Microsoft Software Installer files to infect Kaspersky's network with malware. Kaspersky is referring to the malware as "Duqu 2.0", because it appears to be tied to the same cybercriminals that used Duqu malware to attack Iran, India, France and Ukraine a few years ago. Back then, the hackers spread the malware using security flaws in Microsoft Word.

[CGASMIA68]

LOVELY

[lysie]

For later.

[dayglored]

No problem with this posting, but be aware this is the SAME hack from about a week ago that's been discussed in other threads.

This is NOT a NEW hacking event.

(Whew! had me going for a minute when I read the headline!)

[proxy_user]

You would think a security firm would be running an all-Linux system.

[cynwoody]

Eugene Kaspersky

[cynwoody]

You would think a security firm would be running an all-Linux system.

True.

But most of their customers are on Windows, so I expect they must run Windows boxes for research, development, and testing.

[McGruff]

Kaspersky lives in Moscow with his third wife and has four children.

Gee. That didn't set off any alarm bells?

[smokingfrog]

The jews did it?

[cynwoody]

Gee. That didn't set off any alarm bells?

Maybe he needs to call security.

[for-q-clinton]

Why Linux had a ton of vulnerabilities throughout the year..
Just like all OSes.

[rarestia]

Ehh... take with a grain of salt. They weren’t exactly “hacked.” Someone opened something with malicious code and set it free inside their network. They’re likely tracking it very closely. The problem with MOST malware and viruses is that at some point they have to phone home. They can open ports all over the place or attempt egress penetration tests, but if Kaspersky is buttoned up well enough, they’ll likely find where it’s hiding and isolate it.

In a network with segmentation, firewalls, and adequate monitoring, they can isolate the infection and either cure or kill it by shutting down the affected systems. I’d have to imagine things like storage, hypervisors, and email systems are on protected networks. That’s the simplest way to protect a network from an outbreak. Flat networks are usually bad news.

[Kid Shelleen]

Is this related to the Lastpass hack or an entirely different incident?

http://www.cbsnews.com/news/lastpass-password-manager-hacked/

[GGpaX4DumpedTea]

Hey, they need to run Norton Power Eraser - Free virus and spyware removal tool.

https://support.norton.com/sp/en/us/home/current/solutions/kb20100824120155EN_EndUserProfile_en_us

And btw, it works :)

[bicyclerepair]

Using Linux mint now. 17.1 called “Rebecca”.

Nyah nyah, come get me, NOT. FU hackers.

[McGruff]

Aw come on! You use an anti-virus program created by a Russian?

[SgtHooper]

roh roh

[cynwoody]

Dmitri tours Kaspersky Lab in 2009: https://www.youtube.com/watch?v=AVv4is_vkHI

[Hawthorn]

Actually, if the guy in your picture were Russian, his shirt would say OXPAHA (Latin alphabet = Okhrana) -- which means "security" in the Russian language but which also was the official name of the Czar's much dreaded secret police. You'll see that exact name on shirts and uniforms today around ritzy hotels in Moscow and other places frequented by Russia's nouveaux riches. Kinda creepy, IMHO.

[cynwoody]

Actually, if the guy in your picture were Russian, his shirt would say OXPAHA

He's not Russian, although he does reside in Moscow (as far as we know). Он Эдвард Сноуден.