Back to Blog

Kaspersky Antivirus Flaw Exposed Users to Cross-Site Tracking Online

August 15, 2019

By: mirabiliscorp

In this digital era, the success of almost every marketing, advertising, and analytics company drives through tracking users across the Internet to identify them and learn their interests to provide targeted ads.

Most of these solutions rely on 3rd-party cookies, a cookie set on a domain other than the one you are browsing, which allows companies including Google and Facebook to fingerprint you in order to track your every move across multiple sites.

However, if you’re using Kaspersky Antivirus, a vulnerability in the security software had exposed a unique identifier associated with you to every website you visited in the past 4 years, which might have allowed those sites and other third-party services to track you across the web even if you have blocked or erased third-party cookies timely.

The vulnerability, identified as CVE-2019-8286 and discovered by independent security researcher Ronald Eikenberg, resides in the way a URL scanning module integrated into the antivirus software, called Kaspersky URL Advisor, works.

By default, Kaspersky Internet security solution injects a remotely-hosted JavaScript file directly into the HTML code of every web page you visit—for all web browsers, even in incognito mode—in an attempt to check if the page belongs to the list of suspicious and phishing web addresses.

Well, it’s no surprise, as most Internet security solutions work in the same way to monitor web pages for malicious content.

More: https://thehackernews.com/2019/08/kaspersky-antivirus-online-tracking.html?m=1

Contact us

Safety is essential to your decision making. We are sure that our team can clarify any doubts. After all, we understand security.

contact@sikur.com

Follow us

Try SIKUR





Contact Us
First Name*
Last Name*
E-mail*
Mobile Number*
Company*
Country*
Tell us what do you need* ?
Products: Hold CTRL+Click to add more than 1.* ?
Comments
I agree to the Privacy Policy and Terms of Service.