CyberNews Briefs

Kaspersky Antivirus flaw leaves millions open to online hack

A flaw in Kaspersky Antivirus put millions of users at risk by making it possible for websites to track the online activity of users without their consent, a security journalist has discovered. The software contained a module that injected JavaScript code onto web pages visited by Kaspersky users. The code contained a unique ID number for each individual device, which could be read by other scripts running on the domain, thereby allowing websites to track Kaspersky users via this ID.

Websites could even track users if they were browsing in incognito mode or deleted browser cookies after every session. After the security researcher disclosed the issue to Kaspersky, the company abandoned the unique identifiers, admitting that those “can potentially lead to the disclosure of a user’s personal information.” However, the company argues that while “such scenarios of user’s privacy compromise are theoretically possible,” they “are unlikely to be carried out.

Read more: Kaspersky Antivirus flaw leaves millions open to online hack

OODA Analyst

OODA Analyst

OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.