Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror
×
Security IT

Kaspersky Defends Stealth Swap of Antivirus Software on US Computers (techcrunch.com) 29

Cybersecurity firm Kaspersky has defended its decision to automatically replace its antivirus software on U.S. customers' computers with UltraAV, a product from American company Pango, without explicit user consent. The forced switch, affecting nearly one million users, occurred as a result of a U.S. government ban on Kaspersky software.

Kaspersky spokesperson Francesco Tius told TechCrunch that the company informed eligible U.S. customers via email about the migration, which began in early September. Windows users experienced an automatic transition to ensure continuous protection, while Mac and mobile users were instructed to manually install UltraAV. Some customers expressed alarm at the unannounced software swap. Kaspersky blamed missed notifications on unregistered email addresses, directing users to in-app messages and an online FAQ. The abrupt change raises concerns about user autonomy and privacy in software updates, particularly as UltraAV lacks an established security track record.
This discussion has been archived. No new comments can be posted.

Kaspersky Defends Stealth Swap of Antivirus Software on US Computers

Comments Filter:
  • We got a workaround? (Score:2, Interesting)

    by Neeko110 ( 933053 )
    I'm sticking with kaspersky one way or another....Any known work around yet?
    • by Luckyo ( 1726890 ) on Thursday September 26, 2024 @02:03PM (#64819745)

      Considering Kaspersky is on the entity list, it's probably looking to just divest of any US interests ASAP to avoid further sanctions to preserve it's reputation abroad for the rest.

      I wouldn't be surprised if they make some effort to block machines in US from installing their AV.

    • Re: (Score:3, Funny)

      by Anonymous Coward

      Send everything on your computer directly to Kremlin without going thru Kaspersky

      • Send everything on your computer directly to Kremlin without going thru Kaspersky

        What evidence exists that this happens?

        I am asking honestly. I do not really know the backstory.

        • The backstory is that it's software developed by Russians. And since they're Russians, it's suspected that they built into the software the ability to do things that the end user wouldn't be aware of, and possibly install software on their machines quietly. Need more proof than this article?

  • by JThundley ( 631154 ) on Thursday September 26, 2024 @02:25PM (#64819805)

    I don't understand why this is such a huge controversy, the whole thing seems really straightforward:
    1. Kaspersky is banned from the US.
    2. Kaspersky plans to replace their soon to be unsupported antivirus software with an American one (a good thing to do, seems like Kaspersky really does care about the security of their users).
    3. Kaspersky communicates this to their customers via email and the application (again, this is the right way to do it and a good thing).
    4. The time comes and Kaspersky replaces it's software with the US antivirus.

    And then the result of this is users saying "omg this software that has complete control of my computer is able to install software?!?! Scary!" Give me a break. This whole thing is such a non-story, please correct me if I'm missing something or if you have a different perspective.

    • You're correct. It'd actually irresponsible for them to do otherwise and they communicated pretty clearly on the issue. I'm guessing they got paid by UltraAV (or whatever), though. However, I can't really blame them. The seemed to have made the best of a bad situation and did right by their users. I suspect this was more red meat for the "Russia! Russia! Russia!" hyperventilation crowd which is a significant part of Slashdot's base and admins.
      • by brunes69 ( 86786 )

        It is very likely the opposite, that Kaspersky OEMed UltraAV.

        Kaspersky is a huge, very profitable company. UltraAV is a nothingburger.

        In fact I would not be surprised if Kaspersky has not taken a majority stake in the company.

    • by Coopjust ( 872796 ) on Thursday September 26, 2024 @04:16PM (#64820101)
      It's very questionable how "american" UltraAV is. UltraAV is owned by Pango, a site which owns multiple VPN companies and a VPN review site (not suspicious at all).

      Pango is in turn owned by WC SACD Holdings Inc, a Massachussets company. The CEO, Hari Ravichandran, is the CEO of Aura and talks as Pango as a subsidiary [jpmorgan.com]. Aura in turn has a technobabble about us page that says nothing [aura.com].

      The UltraAV software itself isn't signed by Pango, WC, or Aura. It's signed by "Max Secure Software India Private Limited". Which, at best, means that Pango subcontracted an Indian AV to brand as American so Kaspersky could claim they swapped out an AV for an "American" one. MaxSecure is generally considered sketchy software and has asked to be unlisted as a potentially unwanted program among other AV/antimalware apps [reddit.com], and that it will false positive files for the illusion of being effective.

      This is sketchy as hell, and never should have been done without user consent, much less with the company they chose to contract.
      • by vbdasc ( 146051 )

        It's very questionable how "american" UltraAV is. UltraAV is owned by Pango, a site which owns multiple VPN companies and a VPN review site (not suspicious at all).

        Pango is in turn owned by WC SACD Holdings Inc, a Massachussets company. The CEO, Hari Ravichandran...

        This is American in my book. Does the name of the CEO bother you?

        Anyway, the government is free to ban them as well if they pose a security risk. It's their job and their obligation, after taking the responsibility to ban Kaspersky.

        This is sketchy as hell, and never should have been done without user consent, much less with the company they chose to contract.

        The alternative possibly was to leave the users without an AV software at all, and possibly they did the lesser evil.

        They've been banned from the US. They have no obligations to American users anymore, and anything they still do is goodwill. They communicated their intentions via

        • They've been banned from the US. They have no obligations to American users anymore, and anything they still do is goodwill.

          They've been banned from the US. That means they have no business installing anything on anything without explicit consent, especially sketchy software. This is an attack on computers of our nation by a foreign adversary.

      • by AmiMoJo ( 196126 )

        Well what do you expect when the US placed sanctions on Kaspersky? It's difficult for them to work with an American company now, so of course it was going to push Kaspersky users towards this kind of thing.

        It was a stupid decision and made Americans less secure. If the authorities actually cares they would have not just banned Kaspersky, but worked with them to migrate users onto an All American Made solution.

      • This is sketchy as hell, and never should have been done without user consent, much less with the company they chose to contract.

        That doesn't sound American at all. I bet the users who were running *checks notes* a Russian AV solution are very upset about UltraAV's lack of Americanness.

    • by Anonymous Coward
      Blizzard forcefully updates Warcaft 3 to Warcraft 3 Reforged, users revolt.
      Then they convert Overwatch to Overwatch 2, endless complaints.
      Microsoft accidentally updates some Windows 10 users to Windows 11, Slashdot loses its mind at good ol evil "Macro$$$shit taking over machines we no longer own".
      But an antivirus automatically installs a completely separate antivirus product from another vendor and now suddenly "duhhhh, I don't know why this bad, me dumb".
      Perhaps you'd like to shut down your Ubuntu
      • by vbdasc ( 146051 )

        Blizzard forcefully updates Warcaft 3 to Warcraft 3 Reforged, users revolt.

        Then they convert Overwatch to Overwatch 2, endless complaints.

        Microsoft accidentally updates some Windows 10 users to Windows 11, Slashdot loses its mind at good ol evil "Macro$$$shit taking over machines we no longer own".

        But an antivirus automatically installs a completely separate antivirus product from another vendor and now suddenly "duhhhh, I don't know why this bad, me dumb".

        Bad analogy. Windows 10 still works, and users are rightfully angry when it is suddenly replaced by Windows 11.

        Kaspersky is forced by the government to not work anymore. Doing nothing is a bad option, unlike the Windows case, because it leaves users' computers unprotected.

Most public domain software is free, at least at first glance.

Working...