Posted on 20-07-2008
Kaspersky Malaysia Hacked(UPDATED)
Filed Under (Hacking, Malaysia, Security) by scamboy

Kaspersky Malaysia’s website-http://www.kaspersky.com.my/ and http://antivirus365.net/ has been hacked yesterday.

Here’s some screen shots:

Kaspersky has one of the top security solutions in the world and yet hackers are few steps ahead them. This hack is believed to have used the “SQL injection” technique.

Apparently, it not the first time a Kaspersky’s website has been hacked. Here’s some history with the hacker’s name and their message:

16/12/2000 5:04:51;Furia.BR;http://www.kasperskylab.com.br;;Linux;;;
14/04/2003 6:21:25;S4t4n1c_S0uls;http://kaspersky.cyberspaceplaza.com;80.71.2.74;Linux;;As a challenge
09/06/2005 17:17:24;ArCaX-ATH;http://kkaspersky.dap.ro;80.96.205.14;FreeBSD;Apache;I just want to be the best defacer
01/07/2005 12:33:26;darkXside;http://mailwatcher.kaspersky.fr/welcome.htm;217.117.147.53;Linux;Apache;Heh…just for fun!
01/07/2005 12:35:40;darkXside;http://netasq.kaspersky.fr/welcome.htm;217.117.147.53;Linux;Apache;Heh…just for fun!
22/10/2005 12:00:13;sikik;http://grandpublic.kaspersky.fr/index.html;217.117.147.55;Linux;Apache;Heh…just for fun!
22/10/2005 12:00:13;sikik;http://kb.kaspersky.fr/index.html;217.117.147.55;Linux;Apache;Heh…just for fun!
22/10/2005 12:00:13;sikik;http://webscanner.kaspersky.fr/index.html;217.117.147.55;Linux;Apache;Heh…just for fun!
22/10/2005 12:00:13;sikik;http://partners.kaspersky.fr/index.html;217.117.147.55;Linux;Apache;Heh…just for fun!
22/10/2005 12:00:13;sikik;http://case.kaspersky.fr/index.html;217.117.147.55;Linux;Apache;Heh…just for fun!
22/10/2005 12:00:13;sikik;http://forum.kaspersky.fr/index.html;217.117.147.55;Linux;Apache;Heh…just for fun!
22/10/2005 12:02:43;sikik;http://entreprises.kaspersky.fr/index.html;217.117.147.55;Linux;Apache;Not available
22/10/2005 12:04:03;sikik;http://linux.kaspersky.fr/index.html;217.117.147.55;Linux;Apache;Not available
22/10/2005 14:07:11;sikik;http://education.kaspersky.fr/index.html;217.117.147.55;Linux;Apache;Heh…just for fun!
22/10/2005 14:08:27;sikik;http://esac.kaspersky.fr/index2.html;217.117.147.55;Linux;Apache;Heh…just for fun!
22/10/2005 14:09:40;sikik;http://eurnet.kaspersky.fr/index.html;217.117.147.55;Linux;Apache;Heh…just for fun!
22/10/2005 14:10:37;sikik;http://exes.kaspersky.fr;217.117.147.55;Linux;Apache;I just want to be the best defacer
22/10/2005 14:12:42;sikik;http://internal.kaspersky.fr/index.html;217.117.147.55;Linux;Apache;Patriotism
22/10/2005 14:15:23;sikik;http://klxweb.kaspersky.fr/index.html;217.117.147.55;Linux;Apache;Heh…just for fun!
22/10/2005 14:16:28;sikik;http://lanexpert.kaspersky.fr;217.117.147.55;Linux;Apache;Heh…just for fun!
22/10/2005 14:17:50;sikik;http://mtf.kaspersky.fr;217.117.147.55;Linux;Apache;Heh…just for fun!
22/10/2005 14:19:22;sikik;http://neuf.kaspersky.fr;217.117.147.55;Linux;Apache;Not available
22/10/2005 14:21:41;sikik;http://tracker.kaspersky.fr/index.html;217.117.147.55;Linux;Apache;Not available
24/10/2005 4:20:39;sikik;http://netasq.kaspersky.fr/index.html;217.117.147.55;Linux;Apache;Revenge against that website
24/10/2005 4:23:05;sikik;http://mailwatcher.kaspersky.fr/index.html;217.117.147.55;Linux;Apache;Revenge against that website
21/03/2006 3:17:02;Red Eye;http://kaspersky.marken.com.pl;212.244.33.1;Linux;Apache;Political reasons
06/06/2006 22:03:30;Digital-club Cetus & club;http://www.kaspersky-me.com/logs;207.36.230.131;Win 2003;IIS/6.0;As a challenge
07/06/2006 11:02:27;Cetus&Club;http://www.kaspersky.com.tr/ftp;207.36.230.131;Win 2003;IIS/6.0;I just want to be the best defacer
24/06/2006 17:38:16;Soot Hackers;http://kaspersky.ir/soot.htm;207.176.219.41;Win 2003;IIS/6.0;Heh…just for fun!
25/06/2006 21:30:13;system_DaRK;http://kaspersky.venetian-red.org/files;69.73.159.153;Linux;Apache;Not available
04/07/2006 19:27:16;Soot Hackers;http://reseller.kaspersky.ir/soot.txt;207.176.219.41;Win 2003;IIS/6.0;Heh…just for fun!
04/07/2006 20:36:08;Soot Hackers;http://kaspersky.virusless.ir/soot.txt;207.176.219.41;Win 2003;IIS/6.0;Heh…just for fun!
09/09/2006 20:59:28;eno7;http://kaspersky.kivi.si/default.asp;212.103.159.11;Win 2003;IIS/6.0;As a challenge
23/01/2007 22:06:37;DeltahackingSecurityTEAM;http://kaspersky.ir;207.176.219.41;Win 2003;IIS/6.0;Heh…just for fun!
03/05/2007 2:18:54;Cyber-Terrorist;http://www.kaspersky.com.br;67.15.159.101;Linux;Apache;Not available
08/09/2007 3:47:47;blackwolf;http://kb.kaspersky.com.au/default.aspx;203.25.128.3;Win 2003;IIS/6.0;Heh…just for fun!
05/03/2008 22:59:35;Crackers_Child;http://www.kaspersky.ro;193.226.140.143;Linux;Apache;I just want to be the best defacer
08/03/2008 23:45:28;AYYILDIZ;http://kaspersky.avsecuritystore.com/includes/languages/norwegian.php;88.87.41.226;Linux;Apache;As a challenge
27/03/2008 23:02:16;Algeria Security Crew;http://support.kaspersky.fr;87.98.202.50;Linux;Apache;I just want to be the best defacer
29/03/2008 14:12:37;Zero-Cool;http://elitecore.kaspersky.fr;87.98.202.50;Linux;Apache;Not available
29/03/2008 14:16:51;Zero-Cool;http://kaspersky.fr/WebConfig.ini;87.98.202.50;Linux;Apache;Not available
29/03/2008 14:22:03;Zero-Cool;http://education.kaspersky.fr;87.98.202.50;Linux;Apache;Not available
29/03/2008 14:27:46;Zero-Cool;http://netasq.kaspersky.fr/tut.htm;87.98.202.50;Linux;Apache;Not available
19/07/2008 13:16:28;m0sted;http://www.kaspersky.com.my;210.48.157.25;Win 2003;IIS/6.0;Patriotism

via Zone-H

Update:

Looks like Kaspersky has locked down the entire site today(July 21, 08).

A valid username and password is required to access http://www.kaspersky.com.my as the site is not open to public.

An email sent to Kaspersky Malaysia yesterday was not replied. It seems that the webmaster was not aware that part of the website was still under the hackers control until they locked down the site today.

Bookmark this article:
  • Digg
  • del.icio.us
  • blogmarks
  • Netscape
  • NewsVine
  • Technorati
  • YahooMyWeb
  • Slashdot
  • StumbleUpon
  • Furl
  • Reddit
  • blinkbits
  • BlogMemes
  • BlogMemes Jp
  • Fark
  • Internetmedia
  • Netvouz
  • PlugIM
  • description
  • SphereIt
  • Spurl
  • TailRank
  • Blue Dot
  • description
  • feedmelinks
  • IndianPad
  • LinkaGoGo
  • Linkter
  • Simpy
  • eKudos
  • Facebook
  • Google
  • Live
  • Mixx
  • MyShare
  • E-mail this story to a friend!
  • TwitThis

If you enjoyed this post, make sure you subscribe to my RSS feed

    Read More   

Comments

Hackers on 20 July, 2008 at 11:00 pm #

I, you will play an important part in the work of many Malaysia volunteer projects and gain a unique insight into this beautiful and diverse country. Hackers


Marcus on 22 July, 2008 at 11:41 am #

what a joke. That site was just a mock up site, wasn’t even operational and some password guesser make it into a “hack” success story…..lame


Mehh on 27 July, 2008 at 11:44 am #

210.48.157.25.. TMnet Cyberjaya 5 IDC, probably seen their server before heh


Simon H on 28 July, 2008 at 10:27 pm #

Several publications have recently reported that Kaspersky Lab’s official Malaysian website, as well as its Malaysian online store, were attacked by a Turkish hacker known as “m0sted”. According to the hacker’s own statement, the attack was conducted using an SQL-injection. The reports hinted at “big risks for end-users” that could be caused by the attack.

It should be stressed that both websites that were attacked are managed using third-party hosting. The sites have never been publicly accessible as they are still under construction.

Since the websites are still being developed, they haven’t yet been fully secured. Naturally appropriate security features will be implemented before the sites go live.

This situation can be compared to a thief breaking into an empty house that is still under construction and has not been yet properly secured. Breaking in is therefore an easy task, but in such cases there is nothing to steal or damage – the websites are not yet live and are not linked to other Kaspersky Lab corporate websites. It seems clear that the attacker’s only motive was to attract attention.

We therefore do not believe that this attack could harm users in any way. Additionally, it will not be possible to use this attack method once the websites have been officially launched.


Michelle Wong on 4 August, 2008 at 11:59 pm #

RE : INVITATION TO H@CKER | HALTED MALAYSIA 2008 – DEFENDING THE FRONTIER

EC-Council, headquartered in Albuquerque, New Mexico is holding an international conference and workshop on Information Security on 3rd, 4th, 5th and 6th November 2008 in collaboration with Universiti Tun Abdul Razak (UNITAR) and EC-Council Asia Pacific. The invited Patron for the event is the Deputy Prime Minister of Malaysia, Y.B Dato’ Sri Haji Mohd. Najib bin Tun Haji Abdul Razak.

Event : Hacker Halted Malaysia 2008
Venue : Sunway Convention Centre
Date : 3rd to 6th November 2008

The explosive growth of internet usage worldwide, currently standing at 1.4 Billion Internet user (Source : internetworldstats.com) coupled with heavy reliance on technology for all business processes requires organizations to place more emphasis on Information Security – to secure against internal and external threats.

The Hacker Halted aims to raise international awareness towards increased education and ethics in Information Security. In line with that, Hacker Halted Malaysia 2008 Conference will feature some of the top names in Information Security to cover the latest topics – Malware Forensics, Insider Threats, Cyberterrorism, Social Engineering, Virtual Worlds and a Live Demonstration on Network Hacking, among others. The Pre-Conference Workshop will be conducted by EC-Council Master Trainers, covering topics on Ethical Hacking and Countermeasures (CEH), EC-Council Disaster Recovery Professional (DR), EC-Council Security Analyst (ECSA) and EC-Council Certified Secure Programmer (ECSP). The Pre-Conference Workshop is available in a very attractive 3-in-1 package – where you get to attend a full fledge 5-Day Programme (prior to the Conference, according to our public schedule), the 2-Day Pre-Conference Workshop and the 2-Day Conference. Check out the pricing in the attached brochure.

The Hacker Halted Conference and Pre-Conferences are very packaged to suit every organization. The Pre-Conferences are suitable for those who are hands-on in developing, managing and administering the IT infrastructure and systems, while the Conference is to benefit decision makers and C-Level Officers.


Post a Comment
Name(required):
Email(required):
Website:
Comments: