Kaspersky Rolls Back for US Customers, Makes Way for UltraAV

UPDATE

Kaspersky has pulled back its anti-malware software from its US customers' devices, due to a ban put in place by the US Department of Commerce, and is now partnering with antivirus provider UltraAV to automatically replace the lost software. 

Kaspersky shut down its US operations and laid off its US-based employees after its June addition to the Entity List, a catalog of "foreign individuals, companies, and organizations deemed a national security concern."

The ban was first announced by the Biden administration in June, due to potential national security risks. Kaspersky then began emailing customers in September, assuring them that they would receive continued cybersecurity protection from UltraAV — the notice, however, reportedly failed to mention that the switch of software in user systems would be automatic.

"Information about the transition has been communicated to all US users eligible for the replacement, in a series of email communications by Kaspersky and UltraAV," said Kaspersky to Dark Reading. "Kaspersky and UltraAV are implementing the transition in waves, to ensure the process is smooth and that the users will not experience a gap in their protection upon Kaspersky's exit from the market."

Roll Up the Welcome Mat

Some users who experienced this update aren't pleased with the change. 

"I don't trust UltraAV for a few reasons," said one user on Reddit. "Not only do I not trust it but apparently I need to login to even do a system scan."

Another user thought that a virus had been installed on their system because they didn't know about the transfer and planned on uninstalling UltraAV. A third user agreed, stating that they had already switched to Bitdefender.

Kaspersky assures former customers, however, that it worked together closely with UltraAV to maintain security standards, and that the transition went into effect on Sept. 19 to ensure that "users would not experience a gap in protection upon Kaspersky's exit from the market."

Indeed, perhaps customers shouldn't be as skeptical as they are. "Pango has been around for a while,” says Zulfikar Ramzan, chief scientist at Aura and AV-industry veteran, who remains heavily involved in the UltraAV transition process following Pango Group's split from Aura. "A lot of our technologies are widely deployed. So, for example, we've partnered with Kaspersky for years. The Kaspersky VPN solution is actually the Pango VPN solution."

He adds that Pango's focus has primarily been on the technologies its building rather than building a brand.

"Our focus at that point was just to make sure that we build the best possible technology to go to those customers," Ramzan says. "You have a three million users on Kaspersky in the US who were going to be out of protection pretty soon, which means you have a whole set of threat actors [and] organized crime because they knew that all these people were going to lose protection."

Most people, he adds, wouldn't have even noticed they were out of protection. He acknowledges that while some customers may not be happy with the transition and will decide to opt out, he thinks of people like his parents who would have struggled to have the necessary software installed if there was any friction in the process. While there might be things that could have been improved upon in the transition process, ultimately, Ramzan says, the goal has always been to been to protect customers.

However, if customers find themselves looking to ditch their new antivirus software, other users have posted step-by-step instructions as to how they got rid of their own — though while these methods have certainly been tried, it's unclear if they will remain true and keep the newly downloaded software out.

This story was updated at 6:30 p.m. ET on Sept. 25 to reflect comments from Kaspersky and Pango Group/UltraAV.