Russian security company Kaspersky Lab's Web site for Malaysia was defaced on Saturday along with one of its online shopping sites, according to Zone-H, an organization that documents such attacks.
The attacker, nicknamed "m0sted," wrote that the site was compromised through SQL injection, wrote Roberto Preatoni on a Zone-H posting.
The attack involves inputting code into a form on a Web page in an attempt to get the back-end database to respond. It can enable the hacker to gain control over the Web site.
Kaspersky has since locked down the site, which is apparently running Microsoft's Internet Information Services Web server. The site is no longer open to the public and requires a user name and password for access.
Images of the hack posted on Zone-H show repeated subjects in the left-hand news section reading "hacked by m0sted and amen Kaspersky Hax0red No War." Other secondary pages were also compromised, Preatoni wrote.
Kaspersky could not be immediately reached for a comment. But Preatoni said that while the attacks appear to be just vandalism, there could be more serious risks.
Evaluation copies of Kaspersky's security software are distributed on the sites, Preatoni wrote. It might have been possible for an attacker to upload malicious software labeled as Kaspersky's software, which would dupe users into thinking the file is okay.
Zone-H has included a log of other times Kaspersky's site has been hacked. But Kaspersky isn't the only security company to have trouble keeping meddlers at bay.
In March, Trend Micro's Web site was one of tens of thousands affected by a wide-ranging attack that inserted JavaScript code to direct visitors to a malicious Web server in China. Security vendor CA's Web site was struck with similar problems in January.
- Sponsored Resource:How does your network security compare to those of your peers? Visit the CDW Security Center to find out.
- Sponsored Resource:Learn more about ultra light notebooks from Asus and the best warranty in the industry.
- Sponsored Resource:Thinking about a new Laptop? Lenovo has models to meet everyone's needs.
- Sponsored Resource:Get the truth about remanufactured ink. Learn more from HP.
- Sponsored Resource:Six smart ways to grow small business IT
News For Your Business
- Data Mining for Terrorists Is Futile
- Security Software Performs Poorly in Exploit Test
- Six Essential Apple iPhone Security Tips
- Obama Beats McCain as Spam Target
- Vendors, Cops, Profs Team to Study Cybercrime
Community Comments