Unexpected Software Transition Raises Concerns
A recent transition involving US-based Kaspersky customers has sparked concern among users after the unexpected appearance of UltraAV software on their devices. This situation arose from a poorly managed handover process that left many feeling uneasy about their cybersecurity measures.
What Happened?
In response to national security concerns, the US Department of Commerce announced a nationwide ban on Kaspersky antivirus solutions, set to take effect in late September 2024. Users were encouraged to migrate to alternative software providers. Earlier this month, Kaspersky informed its customers of a partnership with UltraAV, a division of the Pango Group, and outlined a transition plan. However, the communication fell short in clarity regarding the specifics of this process.
Some users received emails detailing that UltraAV would reach out with instructions for activating their new accounts, while others reported not receiving any such notifications. On September 19, Kaspersky indicated that a software update had been rolled out to facilitate the transition to UltraAV. Unfortunately, many users were taken aback when UltraAV appeared on their computers without prior installation, leading them to suspect malware or a potential hack. This prompted a flurry of inquiries on platforms like Reddit and the Kaspersky forum, where users sought guidance on how to remove the unexpected software.
A Matter of Trust
According to UltraAV’s FAQ page, the software has been activated on Windows systems, while Mac, Android, and iOS users are required to download it manually. The page also reassured users that their Kaspersky accounts have been migrated and that billing schedules would remain unchanged. Nevertheless, the botched handover has raised significant concerns, prompting many users to consider canceling their subscriptions and uninstalling UltraAV, as well as UltraVPN for those who previously used Kaspersky’s VPN services. The uncertainty surrounding UltraAV, an unfamiliar entity for many, only adds to the trepidation.
Rob Joyce, former NSA Director of Cybersecurity, highlighted the risks associated with granting root-level access to Kaspersky, emphasizing that this incident underscores the importance of vigilance when entrusting software with such control. The realization that an antivirus solution could autonomously install additional software without user consent has left many feeling unsettled. Joyce’s advice resonates: