Kaspersky Lab antivirus customers in the US learned a few days ago that their cybersecurity software had been automatically replaced with a newer version called UltraAV, according to multiple customers posting on social media, some of whom said they never expected something like this to happen.
“I woke up to Kaspersky [sic] “After a fresh install of Ultra AV and Ultra VPN, the virus was completely gone from my system (I didn't install it, it just disappeared automatically while I was sleeping),” wrote a Reddit user, with other people reporting the same experience on the same Reddit thread and others.
A reseller who sold Kaspersky products prior to the recent ban told TechCrunch that they were “angry” about the move to automatically remove Kaspersky's software and replace it with an entirely different antivirus. A former senior U.S. government cybersecurity official said it was an example of the “huge risk” posed by the access granted by Kaspersky's software.
Meanwhile, it's worth noting that other customers have reported receiving emails from Kaspersky about migrating to UltraAV.
The move to UltraAV comes months after the U.S. government made the unprecedented decision to impose a blanket ban on the sale of Kaspersky software across the U.S. In June, the Commerce Department announced that the antivirus software would be banned from sale starting July 20. Kaspersky was then allowed to provide limited security updates to customers until September 29.
In early September, Axios reported that Kaspersky had signed a deal to sell its clients to Pango, the American cybersecurity company that owns the relatively new antivirus software UltraAV.
UltraAV's site has a page announcing that Kaspersky customers who use Windows can get the new antivirus software with their existing subscriptions and “no action required.” It is unclear when the page was published; the oldest version of the page stored in the Internet Archive dates to September 6.
Kaspersky has also confirmed its move to UltraAV.
“Kaspersky Lab has partnered with UltraAV to make the transition to its products as smooth as possible. So on September 19th, Kaspersky Antivirus customers in the U.S. received a software update that eases the transition to UltraAV. With this update, users will no longer experience a gap in protection when Kaspersky withdraws from the market,” wrote a Kaspersky Lab employee named Vadim M. on the company's official forums on Saturday.
Neither Pango nor Kaspersky responded to requests for comment to clarify whether all of Kaspersky's customers had been directly notified about the transition.
Kaspersky customer Avi Fleischer also told TechCrunch that he was surprised by the move.
“I'm angry at Kaspersky,” said Fleischer, who is also the founder of Technical Difficulties, an official Kaspersky reseller. “Basically, on my computer, Kaspersky forced me to uninstall their products and forced the automatic installation of UltraAV and UltraVPN. They should have given me the choice of whether or not to accept UltraAV.”
“You should never push software onto someone's computer without their explicit permission,” Fleischer said. “Personally, I removed UltraAV and UltraVPN immediately.”
“Users were 'migrated' – meaning their software was uninstalled and an entirely different product was automatically installed,” Rob Joyce, a former cybersecurity director at the National Security Agency, said in X's post, adding that Kaspersky had “full control over their machines.”