Kaspersky Lab and BitDefender websites hacked

UPDATE: Thanks to our commenter below who points out it that was the website of a BitDefender affiliate, not the actual company itself, that was hacked

A Romanian ‘white-hat’ hacker has successfully hacked into the websites of Russian IT security provider Kaspersky Lab and an affiliate of US antivirus vendor BitDefender.

According to a group called the Romanian Security Team, the hacker achieved full access to the database supporting the websites – which includes customer data – by simply altering a parameter in the URLs. They also found that they could perform SQL injections, remotely introducing harmful code into the database.

The group behind the hack say they have alerted the two companies of the security flaw. They have not exposed any of the data they found.

"On Saturday February 7 2009, a vulnerability was detected on a subsection of the usa.kaspersky.com domain when a hacker attempted an attack on the site," Kaspersky said in a statement.

You can read the hacker’s explanation of the fault here and here.

Pete Swabey

Pete Swabey

Pete was Editor of Information Age and head of technology research for Vitesse Media plc from 2005 to 2013, before moving on to be Senior Editor and then Editorial Director at The Economist Intelligence...

Related Topics