Kaspersky users in the US woke up thinking that their system had been compromised, as they found UltraAV antivirus and UltraVPN automatically installed on their systems without warning.
In June, the US banned the sale, updates, resales, and software licensing of antivirus software made by the Russian cybersecurity firm Kaspersky due to alleged ties with the Russian government, effective September 29th.
The company emailed its customers to inform them that they would get UltraAV protection with their existing subscriptions. Kaspersky said they “will be receiving communications from UltraAV with instructions on how to activate your new account.”
However, Kaspersky users did not expect an abrupt, forced update without a warning or permission.
This is why handing root-level access to Kaspersky was a huge risk. Users were undefinedmigratedundefined - software uninstalled and a totally different product was installed automagically. They had total control of your machine. #itsabouttrust https://t.co/GzyosfcJOv
undefined Rob Joyce (@RGB_Lights) September 23, 2024
“Woke up to Kasperky completely gone from my system with Ultra AV and Ultra VPN freshly installed (not by me, just automatically while I slept). No sign of Kaspersky anywhere on my system, and Ultra AV's settings are non-existent,” one user on Reddit complained.
Many more seem surprised and unaware of the change.
“I was using Kaspersky, didn’t realize they’d be shuffling us off to some rando AV in September. Nearly had a heart attack when I started my PC today and found a program I didn’t download. For some reason, though, I still have Kaspersky,” another user said. “When I try to uninstall it, the uninstaller gets stuck on 20%. How can I force this program off my computer without the uninstaller getting stuck?”
Users with Kaspersky VPN subscriptions also report finding UltraVPN installed in their systems.
Many seem to be hearing about UltraAV for the first time. This antivirus product is from Pango Group, a Boston-based company that offers VPN, antivirus, and identity theft protection. Axios reported that Pango reached a deal with Kaspersky to acquire roughly 1 million US customers.
Pango is owned by Aura, a technology company offering all-in-one protection from online threats. The acquisition was announced on July 7th, 2020.
Cyber pros on the Cybersecurity subreddit are also scratching their heads.
“Obviously not cool, not what users probably expected, but they did notify them they'd be protected. Now, any business that used Kaspersky in the US, when notified about this, should have said, "Okay, how will this work, do we need to redeploy? Do we need to uninstall?” one user commented.
“In Russia, a human does not update software, instead software updates the human,” another one replied.
Kaspersky antivirus has reportedly begun silently installing a new antivirus product called undefinedUltra AVundefined on United States-based users machines.
undefined vx-underground (@vxunderground) September 24, 2024
tl;dr pic.twitter.com/HkCGt3PutD
Kaspersky stated in its official statement that the two companies “worked closely to ensure customers would maintain the standards of security and privacy users have come to expect from their service.”
UltraAV includes “comparable features” such as antivirus, premium VPN, password manager, identity theft protection, and $1 million in insurance coverage.
“Kaspersky has additionally partnered with UltraAV to make the transition to their product as seamless as possible, which is why on 9/19, US Kaspersky antivirus customers received a software update facilitating the transition to UltraAV. This update ensured that users would not experience a gap in protection upon Kaspersky’s exit from the market,” the statement reads.
Your email address will not be published. Required fields are markedmarked