Kaspersky customers in the US have found their antivirus software has been replaced without warning with a new solution called UltraAV.
The US government recently passed a law banning the sale of Kaspersky security software and the subsequent updates for installed software, resulting in the company’s exit from the US market.
Customers reported on social media that the update was pushed without the ability to accept or decline UltraAV, despite notification emails supposedly being sent at least a few weeks prior to the update.
Demonstration of Kaspersky danger
The US has long argued Kaspersky software is at risk of being manipulated by the Russian government to hand over secrets and control of the computers it is installed on, with an initial ban on Kaspersky products from being used within federal agencies being followed by a complete commercial sales ban from July 20, and finally with a Federal Communications Commission (FCC) ban on the use of Kaspersky software within telecommunications equipment at the beginning of September 2024.
At around the same time as the FCC ban, Axios reported that Kaspersky had offloaded its antivirus customers to the Pango Group, which owns UltraAV.
Kaspersky confirmed the transition in a post by Vadim M. on the company’s forum, stating, “Kaspersky has additionally partnered with UltraAV to make the transition to their product as seamless as possible, which is why on 9/19, U.S. Kaspersky antivirus customers received a software update facilitating the transition to UltraAV. This update ensured that users would not experience a gap in protection upon Kaspersky’s exit from the market.”
Former National Security Agency director of cybersecurity, Rob Joyce, commented on the transition on X (formerly Twitter), saying, “This is why handing root-level access to Kaspersky was a huge risk. Users were “migrated” – software uninstalled and a totally different product was installed automagically. They had total control of your machine.” It is worth noting that some antivirus products and anti-cheat software commonly use root-level access to scan for harmful files or software used to cheat in games.
TechRadar Pro reached out to UltraAV to provide additional context on the nature of the transition, but the company did not immediately respond. Any subsequent updates will be posted here.
Via TechCrunch