Moscow’s Kaspersky Lab was hacked by a hacker known as Unu
Moscow’s Kaspersky Lab was hacked by a hacker known as Unu, he was able to break into a section of the company’s brand-new U.S. support Web site by taking advantage of a loop flaws in the site coding.
Kaspersky Senior Research Engineer Roel Schouwenberg said that while he believes that the hacker did not access any customer information such as e-mail addresses, the hack would hurt the company’s image. “This is not good for any company, and especially a company dealing with security,” he said. “This should not have happened, and we are now doing everything within our power to do the forensics on this case and to prevent this from ever happening again.”
Kaspersky has hired database expert to identify the flaw in coding and report back within 24 hours. This kind of attacks does not left the traces behind to detect the flaw.
Unu notified Kaspersky of the bug via e-mail on Friday, and then one hour later hacked into the site. Kaspersky didn’t see that e-mail until much later, but the company realized it had been hacked by around noon Eastern Time on Saturday, Schouwenberg said. Just 15 minutes later, Kaspersky reverted to an older version of its support site code, which did not contain the error.
Kaspersky believes that Unu is from Romania, but is not seeking legal action in the case. Romanian authorities have limited resources and are unlikely to investigate the incident further, Schouwenberg said in an e-mail.