A recent discovery by German reporter Ronald Eikenberg revealed a security flaw in Kaspersky AntiVirus that leaves millions of users exposed to cyber-espionage and more aggressive cyberattacks.
As reported by Jeb Su, an executive officer at Atherton Research, Eikenberg made his discovery while testing the antivirus for a publication. During the test, he noticed a strange feature in the HTML source code of a website. After further investigation, he discovered that Kaspersky was injecting JavaScript into the pages of websites, creating a loophole for cyber-espionage while exposing users to cyberattacks.
According to Eikenberg (as reported by Jeb Su), the JavaScript injection was an attempt to establish interaction between the antivirus and the browsers on host computers. However, cybercriminals are leveraging the resulting loophole, bastardizing the initial intention of the developers.
Surprisingly, this feature has been around for about three years now (since 2016), and it’s believed that millions of Kaspersky users, particularly those using Windows, have been victims of cyber-espionage occasioned by the “Kaspersky security flaw”.
The imminence of cyberattacks from the Kaspersky security flaw
The injection of JavaScript into users’ webpages was classified as a “privacy breach” by Ronald Eikenberg. According to the German reporter, the script allows Kaspersky to sniff users’ web traffic; this way, they gain firsthand knowledge about users’ browsing experience.
Furthermore, Eikenberg stressed that ‘Even the incognito mode offers no protection against Kaspersky’s tracking’. This, of course, is a serious privacy breach by Kaspersky. And it’s believed that hackers have been leveraging this breach since 2016 to spy on millions of users. Worse still, users are greatly at risk of more aggressive cyberattacks.
Kaspersky Labs’ response
In response to this damning revelation by Eikenberg, Kaspersky Labs “feigned” ignorance of the security flaw. The security company claimed they lacked prior knowledge of the leak created by the “JavaScript” feature.
In their words, as made available by Atherton Research: Kaspersky is working on fixing the security flaw.
The released patch & Atherton’s recommendation
Kaspersky Labs made good on their promise to address the leak by releasing a patch. The patch assigns a uniform identifier to all Kaspersky Antivirus users. This makes it much more difficult to access an individual’s personal information. Nonetheless, users are still exposed, as hackers can easily determine whether a user is using the patched version or not.
Ultimately, to prevent the “Kaspersky security flaw” and eliminate associated risks, users are advised to disable the “spy JavaScript”. This can be done manually in the antivirus program’s settings.
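The following is an added example, not code from the original article or from Kaspersky: a Node.js check that diffs the HTML a server sent against the page as rendered on several installations, lists the script tags that were injected locally, and reports whether the identifier they carry differs per installation or is uniform, as the patch described above makes it. It assumes the identifier appears as a UUID in the injected script's URL; the host `av-inject.example`, the page URL and all IDs are constructed placeholders.

```javascript
// Added example; the HTML snapshots, host and IDs below are constructed.
const UUID_RE = /[0-9a-f]{8}(?:-[0-9a-f]{4}){3}-[0-9a-f]{12}/i;

// Collect the src of every <script src=...> tag in an HTML string.
function scriptSources(html) {
  const re = /<script\b[^>]*\bsrc\s*=\s*["']([^"']+)["']/gi;
  return [...html.matchAll(re)].map((m) => m[1]);
}

// Scripts in the rendered page that the server never sent were added
// locally (by security software, a proxy or an extension).
function injectedScripts(serverHtml, renderedHtml) {
  const served = new Set(scriptSources(serverHtml));
  return scriptSources(renderedHtml).filter((src) => !served.has(src));
}

// Compare injected script URLs across two or more installations.
function auditInstallations(pageUrl, serverHtml, renderedPages) {
  const idsByHost = new Map(); // injecting host -> set of identifiers seen
  for (const html of renderedPages) {
    for (const src of injectedScripts(serverHtml, html)) {
      const url = new URL(src, pageUrl); // resolves relative src values too
      const id = (url.pathname.match(UUID_RE) || ["(none)"])[0].toLowerCase();
      if (!idsByHost.has(url.host)) idsByHost.set(url.host, new Set());
      idsByHost.get(url.host).add(id);
    }
  }
  return [...idsByHost].map(([host, ids]) => ({
    host,
    distinctIds: ids.size,
    // More than one ID: each installation can be told apart on any site.
    // One shared ID: users look alike, but the product is still detectable.
    finding: ids.size > 1 ? "per-installation identifier" : "uniform identifier",
  }));
}

const SERVER = '<html><head><script src="/app.js"></script></head></html>';
const render = (id) => SERVER.replace("</head>",
  `<script src="https://av-inject.example/${id}/main.js"></script></head>`);
const ID_A = "11111111-2222-3333-4444-555555555555";
const ID_B = "AAAAAAAA-BBBB-CCCC-DDDD-EEEEEEEEEEEE";

const before = auditInstallations("https://site.example/", SERVER, [render(ID_A), render(ID_B)]);
const after = auditInstallations("https://site.example/", SERVER, [render(ID_A), render(ID_A)]);
console.log(before, after);
```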