Kaspersky Forces New Antivirus Software on Users in Sudden Update

The sudden and automatic replacement of Kaspersky antivirus software with UltraAV in the United States has caused widespread concern among users, reigniting debates about transparency, user control, and cybersecurity risks. Over the past few days, Kaspersky customers found that their antivirus software had been quietly uninstalled and replaced by UltraAV and UltraVPN, without any prior notice or consent. Reports of this change quickly surfaced on social media, with some users expressing confusion and frustration over what they described as an unexpected and unauthorized alteration to their cybersecurity setup.

One Reddit user summarized the experience, stating: “Woke up to Kasperky [sic] completely gone from my system with Ultra AV and Ultra VPN freshly installed (not by me, just automatically while I slept).” Many other users shared similar experiences in the same Reddit thread and across other online forums, further fueling concerns about how such a significant transition could happen without user consent.

This development comes on the heels of the U.S. government’s decision to ban the sale of Kaspersky software nationwide. In June 2024, the Commerce Department announced that all sales of Kaspersky products would be prohibited starting from July 20, 2024, citing concerns over potential security risks associated with the software, which originates from Russia. While Kaspersky was allowed to provide limited security updates to its existing customer base until September 29, many users were unaware that the company had struck a deal with Pango, an American cybersecurity firm, to take over its customer base in the United States by transitioning them to UltraAV.

UltraAV, a relatively new antivirus software owned by Pango, was introduced as the replacement for Kaspersky, with customers continuing their subscriptions under the new product. Kaspersky confirmed this in an official forum post, stating that the transition to UltraAV was aimed at ensuring customers experienced no disruption in their cybersecurity protection. However, the way in which this migration was handled—automatically replacing the software without notifying many users—has been met with backlash.

Some customers reported that they did receive emails about the transition to UltraAV, but others, like Avi Fleischer, a former Kaspersky reseller, expressed shock and disappointment at the lack of transparency. Fleischer, who had Kaspersky software installed on multiple computers, found that the antivirus was automatically replaced by UltraAV and UltraVPN without his permission. “They should’ve given me the option to accept UltraAV or not,” Fleischer told TechCrunch.“They should NEVER push software onto someone’s computer without explicit permission.” Fleischer immediately removed UltraAV and UltraVPN from his devices, echoing the sentiments of many other frustrated users.

The automatic migration has also drawn criticism from prominent cybersecurity figures. Rob Joyce, former director of cybersecurity at the National Security Agency (NSA), expressed concerns on X (formerly Twitter), highlighting the security risks associated with such actions. “Users were ‘migrated’ — software uninstalled and a totally different product was installed automagically,” Joyce noted, adding that Kaspersky’s control over users' systems allowed it to push through this change without user consent. This situation, Joyce warned, demonstrates the “huge risk” posed by software that has deep access to users’ machines and can make such fundamental changes without the user’s direct involvement.

The controversy surrounding this transition has raised broader questions about the responsibilities of software providers to their customers, particularly when it comes to making significant changes to a user’s system. In the cybersecurity space, where trust is paramount, the automatic replacement of Kaspersky with UltraAV has shaken the confidence of many users who feel they should have been given more control over the decision.

This incident also underscores the tension between national security concerns and consumer protection in the digital age. Kaspersky’s exit from the U.S. market was driven by the government’s fears of potential risks linked to its ties to Russia. However, the method by which Kaspersky and Pango handled the transition to UltraAV raises ethical concerns about how companies communicate and manage such major changes with their customers.

Moving forward, it remains to be seen how this will impact Kaspersky’s reputation in other markets and whether UltraAV will manage to build trust with its new user base. For many customers, the experience of having software installed on their systems without consent has cast doubt on both companies’ commitment to transparency and user control, key pillars in the cybersecurity industry.

In the wake of these developments, there is a growing call for clearer communication, explicit user consent, and greater accountability from software providers. Users expect a say in what software is installed on their devices, especially when it comes to protecting sensitive data. The Kaspersky-to-UltraAV transition serves as a cautionary tale for the industry, highlighting the potential fallout when companies prioritize expedience over customer consent and transparency.