Kaspersky customers in the US have been left confused and concerned after their Kaspersky antivirus software automatically uninstalled itself and was replaced by another solution without their consent.
In June this year, the US government passed a federal law prohibiting the sale of Kaspersky antivirus software. The primary reason for the ban is alleged cooperation between Kaspersky and the Russian government, along with concerns over the data collected by the software. The US Department of Commerce's Bureau of Industry and Security (BIS) has expressed worries that Kaspersky's products could be used to collect and exploit sensitive information from US businesses and individuals. You can read more about this in our recent blog post.
Users had previously been informed about the upcoming changes, and a recent email advised them that they would be transitioned to an alternative solution, UltraAV. The email mentioned that users would soon receive instructions on how to activate their new accounts.
However, many users reported that their Kaspersky software had uninstalled itself and that UltraAV had installed automatically without any explicit consent or permission. This unexpected change led to confusion and concern, as some users initially believed their systems had been infected by malware when they noticed the unfamiliar software replacing their existing antivirus.
This incident raises significant questions about the level of control antivirus companies have over user systems and what actions they can take without user permission. It also highlights the need for greater transparency and communication from software providers, particularly when making critical changes that affect user security.
A Missed Notification?
Here is a crucial update, as reported in an article in Bleeping Computer.
‘’Update September 25, 10:43 EDT: A Pango Group spokesperson told BleepingComputer after the article was published that Kaspersky "began communicating this transition to U.S. customers on September 5" and that "users with valid email addresses received direct communications and all users had access to transition notifications in-app, on MyKaspersky account pages, and via Kaspersky Labs' webpages."
Pango Group also shared a screenshot of an in-app Kaspersky pop-up notifying customers that their "Kaspersky service will soon be moving to UltraAV" and "UltraAV protection will be automatically activated" on the device as part of this transition.’’
Currently, it's uncertain whether users have simply overlooked these notifications. Despite reports that the messages were displayed, a significant number of users were misled, which could pose security risks. This reinforces the need for more proactive and timely communication between the company and its users.