Some Kaspersky customers receive surprise forced-update to new antivirus software
Customers of Kaspersky antivirus in the United States found out in the last few days that their cybersecurity software was automatically replaced with a new one called UltraAV, according to several customers who posted on social media. And some of the customers said they had no idea this was going to happen.
“Woke up to Kasperky [sic] completely gone from my system with Ultra AV and Ultra VPN freshly installed (not by me, just automatically while I slept),” a user on Reddit wrote. Others in the same Reddit thread, as well as in other threads, reported having the same experience.
A reseller, who until recently sold Kaspersky products prior to the recent sales ban, told TechCrunch that he was left "annoyed" by the move to automatically remove Kaspersky software and replace it with an entirely different antivirus. A former senior U.S. government cybersecurity official said that this was an example of the "huge risk" posed by the access granted by Kaspersky software.
It’s worth noting that, on the other hand, other customers did report receiving an email from Kaspersky about the transition to UltraAV.
The transition to UltraAV comes months after the U.S. government took the unprecedented decision to ban all sales of Kaspersky software across the United States. In June, the Commerce Department announced that sales of the antivirus software would be banned starting July 20. After that, Kaspersky was allowed to provide limited security updates to customers until September 29.
In early September, Axios reported that Kaspersky had reached a deal to offload its customers to American cybersecurity firm Pango, which owns UltraAV, a relatively new antivirus software.
UltraAV has a page on its site announcing that Kaspersky customers using Windows would get the new antivirus with their existing subscription and that “no action is required.” It’s unclear when the page was published. The earliest version of the page saved on the Internet Archive dates back to September 6.
Kaspersky also confirmed the transition to UltraAV.
“Kaspersky has additionally partnered with UltraAV to make the transition to their product as seamless as possible, which is why on 9/19, U.S. Kaspersky antivirus customers received a software update facilitating the transition to UltraAV. This update ensured that users would not experience a gap in protection upon Kaspersky’s exit from the market,” a Kaspersky employee only named Vadim M. wrote in an official company forum on Saturday.
Kaspersky did not respond to a request for comment.
Pango spokesperson Sydney Harwood told TechCrunch that “all Kaspersky customers were notified of the transition to UltraAV” in early September. When asked repeatedly by TechCrunch, Pango could not point to where customers had been explicitly told users that their Kaspersky software would be force-replaced with UltraAV.
Avi Fleischer, a customer of Kaspersky, told TechCrunch that he also was surprised by the transition.
“I’m annoyed at Kaspersky,” said Fleischer, who is also the founder of Technical Difficulties, a company that was an official Kaspersky reseller. “Basically, on my computers, Kaspersky pushed an uninstall of the Kaspersky products and pushed an automatic install of UltraAV & UltraVPN onto my computers. They should’ve given me the option to accept UltraAV or not."
"They should NEVER push software onto someone’s computer without explicit permission," said Fleischer. “Personally, I removed the UltraAV & UltraVPN immediately.”
Rob Joyce, the former director of cybersecurity at the National Security Agency, said in a post on X: “Users were ‘migrated’ — software uninstalled and a totally different product was installed automagically," adding that Kaspersky "had total control of your machine.”
UPDATE, Sept. 24, 12:41 p.m. ET: This story has been updated to include comments from Pango.