Last week, Kaspersky unexpectedly removed its antivirus software from U.S. customers’ systems and replaced it with UltraAV, a product from competitor Pango Group, without prior notice.
On Thursday, the Russian cybersecurity firm Kaspersky complied with U.S. government sanctions by automatically uninstalling its software from customer systems, effectively ending its operations in the United States. However, the company took an additional step.
Kaspersky on U.S. sanctions list
In June, the U.S. government added Kaspersky to its Entity List, which identifies foreign individuals, companies, and organizations deemed threats to national security. That same month, Kaspersky was prohibited from selling new software or releasing updates in the U.S. after September 29, 2024, citing national security concerns. Consequently, Kaspersky began closing its U.S. offices and laying off employees in July.
UltraAV Installation without permission
While Kaspersky removed its own software, it tried to prevent its customer systems from being entirely unprotected. Without user consent, the company installed Pango Group’s antivirus software, UltraAV.
This action caused confusion among former Kaspersky customers, who initially feared their systems had been infected with malware. They hadn’t authorized the installation and received no notification about the change.
The situation was further complicated by the difficulty in uninstalling the new antivirus software. In many cases, users could only remove it using the software’s own uninstaller, as other removal methods caused the program to reinstall itself.
Earlier this month, Kaspersky had sent an email to its U.S. customers stating that they would receive future protection from UltraAV. However, the company failed to mention that it would uninstall its own software in the process.
Also read: Kaspersky sales and use banned in U.S. due to security concerns