Kaspersky's Download Site Hacked

Ouch, the irony.<p>From TFA: The company points the finger at a vulnerability in an as-yet-unnamed third-party application.<p>Take this as another reminder to keep ALL your libraries and modules up to date, be they PHPMyAdmin, your company Wordpress installation, or your RubyGems. And especially your OS!

Edit: add kaperskyusa.com (thanks privacyguru)<p><a href="http://uptime.netcraft.com/up/graph?site=kasperskyusa.com++" rel="nofollow">http://uptime.netcraft.com/up/graph?site=kasperskyusa.com++</a><p><pre><code> OS Server Last changed IP address Netblock Owner FreeBSD Apache 19-Oct-2010 198.106.101.87 NTT America, Inc. FreeBSD Apache 24-Aug-2010 198.106.101.87 NTT America, Inc. FreeBSD Apache 24-Jul-2010 198.106.101.87 NTT America, Inc. FreeBSD Apache 24-Jun-2010 198.106.101.87 NTT America, Inc. FreeBSD Apache 22-May-2010 198.106.101.87 NTT America, Inc. Linux Apache/1.3.33 (Unix) mod_auth_passthrough/1.8 mod_log_bytes/1.2 mod_bwlimited/1.4 PHP/4.3.11 FrontPage/5.0.2.2635 mod_ssl/2.8.22 OpenSSL/0.9.7a 16-Oct-2005 66.225.255.107 Hosting Services, Inc. </code></pre> <a href="http://uptime.netcraft.com/up/graph?site=kaspersky.com++" rel="nofollow">http://uptime.netcraft.com/up/graph?site=kaspersky.com++</a><p><pre><code> OS Server Last changed IP address Netblock Owner unknown nginx/0.8.27 15-Oct-2010 38.117.98.231 Performance Systems International Inc. unknown nginx/0.8.27 5-Oct-2010 38.117.98.231 Performance Systems International Inc. FreeBSD nginx/0.8.27 4-Oct-2010 195.27.181.10 Kaspersky Labs unknown nginx/0.8.27 1-Oct-2010 38.117.98.208 Performance Systems International Inc. FreeBSD nginx/0.8.27 30-Sep-2010 195.27.181.10 Kaspersky Labs unknown nginx/0.8.27 14-Sep-2010 62.213.110.141 Kaspersky Lab unknown nginx/0.8.15 13-Sep-2010 62.213.110.141 Kaspersky Lab FreeBSD nginx/0.8.15 26-Jul-2010 195.27.181.10 Kaspersky Labs FreeBSD nginx/0.8.15 14-Jun-2010 195.27.181.10 Kaspersky Labs FreeBSD nginx/0.8.15 14-May-2010 195.27.181.10 Kaspersky Labs</code></pre>

Duplicated of this one I sent hours ago, but didn't get much love:<p><a href="http://news.ycombinator.com/item?id=1807614" rel="nofollow">http://news.ycombinator.com/item?id=1807614</a>

It's not the first time they got hacked. IIRC a couple of years ago they suffered an SQL injection attack which leaked their customers' names or something.

I gotta say many people i know were easily fooled by the looks of that screen, especially this female friend of mine who was panicing so badly after she saw the screen and quickly clicked on it, and I wasn't even fast enough to stop her.