Kaspersky Allowed Tracking Of Millions Of Users By Injecting Unique ID
On Thursday, a German security journalist Ronald Eikenberg reported a flaw in Kaspersky antivirus software that could have leaked data of millions of Kaspersky users.
According to his report, Kaspersky injected a unique identifier into the HTML of every website a user visited. Therefore, making it ridiculously easy for perpetrators to keep track of their victim, regardless of the browser used.
The company later confirmed that their Antivirus product doesn’t interact with TOR browser, so the same isn’t possible on TOR.
The Java Script goes something like, “<script type=”text/javascript” src=”https://gc.kis.v2.scr.kaspersky-labs.com/9344FDA7-AFDF-4BA0-A915-4D7EEB9A6615/main.js” charset=”UTF-8″></script>
This is a Universally Unique Identifier (UUID) which Ronald discovered on systems with Kaspersky software. The unique ID (in bold) was present on every website he visited.
The ID popped up in every popular browser such as Firefox, Chrome, Edge, and Opera. “Without exception, even on the website of my bank, a script from Kaspersky was introduced,” he writes.
After reporting the flaw, the company told that the leak was part of all the Kaspersky Antivirus Editions launched in 2016. To put it in simpler words, people using Kaspersky AV 2016 editions for the last four years were vulnerable to leak.
This includes all the consumer versions of the software for Windows (Kaspersky Internet Security, Kaspersky Total Security, and all the free versions). Kaspersky released an update back in June which fixed the flaw. The company also issued an advisory a month later.
Kaspersky later released out a statement thanking Ronald for reporting the error. They also pointed out that a hack is highly unlikely, given the “complexity and low profitability for cybercriminals”.
Also Read: Hacker Designs Clothes For Bamboozling Automated License Plate Readers