US Kaspersky customers report replacement antivirus forcibly installed following ban

News
By
published

Customers woke up to entirely new software installed on their computers

Image credit: Kaspersky (Image credit: Kaspersky)

Kaspersky customers in the US have found their antivirus software has been replaced without warning with a new solution called UltraAV.

The US government recently passed a law banning the sale of Kaspersky security software and the subsequent updates for installed software, resulting in the company’s exit from the US market.

Customers reported on social media that the update was pushed without the ability to accept or decline UltraAV, despite notification emails supposedly being sent at least a few weeks prior to the update.

Demonstration of Kaspersky danger

The US has long argued Kaspersky software is at risk of being manipulated by the Russian government to hand over secrets and control of the computers it is installed on, with an initial ban on Kaspersky products from being used within federal agencies being followed by a complete commercial sales ban from July 20, and finally with a Federal Communications Commission (FCC) ban on the use of Kaspersky software within telecommunications equipment at the beginning of September 2024.

At around the same time as the FCC ban, Axios reported that Kaspersky had offloaded its antivirus customers to the Pango Group, which owns UltraAV.

Kaspersky confirmed the transition in a post by Vadim M. on the company’s forum, stating, “Kaspersky has additionally partnered with UltraAV to make the transition to their product as seamless as possible, which is why on 9/19, U.S. Kaspersky antivirus customers received a software update facilitating the transition to UltraAV. This update ensured that users would not experience a gap in protection upon Kaspersky’s exit from the market.”

Former National Security Agency director of cybersecurity, Rob Joyce, commented on the transition on X (formerly Twitter), saying, “This is why handing root-level access to Kaspersky was a huge risk. Users were "migrated" - software uninstalled and a totally different product was installed automagically. They had total control of your machine.” It is worth noting that some antivirus products and anti-cheat software commonly use root-level access to scan for harmful files or software used to cheat in games.

TechRadar Pro reached out to UltraAV to provide additional context on the nature of the transition, but the company did not immediately respond. Any subsequent updates will be posted here.

Via TechCrunch

More from TechRadar Pro

Benedict Collins
Benedict Collins
Staff Writer (Security)

Benedict has been writing about security issues for close to 5 years, at first covering geopolitics and international relations while at the University of Buckingham. During this time he studied BA Politics with Journalism, for which he received a second-class honours (upper division). Benedict then continued his studies at a postgraduate level and achieved a distinction in MA Security, Intelligence and Diplomacy. Benedict transitioned his security interests towards cybersecurity upon joining TechRadar Pro as a Staff Writer, focusing on state-sponsored threat actors, malware, social engineering, and national security. Benedict is also an expert on B2B security products, including firewalls, antivirus, endpoint security, and password management.