July 21, 2008, 11:19 AM — Russian security company Kaspersky Lab's Web site for Malaysia was defaced on Saturday along with one of its online shopping sites, according to Zone-H, an organization that documents such attacks.
The attacker, nicknamed "m0sted," wrote that the site was compromised through SQL injection, wrote Roberto Preatoni on a Zone-H posting.
The attack involves inputting code into a form on a Web page in an attempt to get the back-end database to respond. It can enable the hacker to gain control over the Web site.
Kaspersky has since locked down the site, which is apparently running Microsoft's Internet Information Services Web server. The site is no longer open to the public and requires a user name and password for access.
Images of the hack posted on Zone-H show repeated subjects in the left-hand news section reading "hacked by m0sted and amen Kaspersky Hax0red No War." Other secondary pages were also compromised, Preatoni wrote.
Kaspersky could not be immediately reached for a comment. But Preatoni said that while the attacks appear to be just vandalism, there could be more serious risks.
Evaluation copies of Kaspersky's security software are distributed on the sites, Preatoni wrote. It might have been possible for an attacker to upload malicious software labeled as Kaspersky's software, which would dupe users into thinking the file is okay.
Zone-H has included a log of other times Kaspersky's site has been hacked. But Kaspersky isn't the only security company to have trouble keeping meddlers at bay.
In March, Trend Micro's Web site was one of tens of thousands affected by a wide-ranging attack that inserted JavaScript code to direct visitors to a malicious Web server in China. Security vendor CA's Web site was struck with similar problems in January.
