Daily Management Review

Kaspersky Labs admits that it obtained NSA hacking tool through its Anti Virus software


10/25/2017


Here’s the low down on the U.S. Government’s distrust on Kaspersky Lab’s anti virus software.



On Wednesday, embattled Moscow-based Kaspersky Lab admitted that its security software had taken source code from a secret American hacking tool from a personal computer in the U.S.
 
The disclosure comes in the wake of media reports that the Russian government had used Kaspersky’s antivirus software to collect technology from the U.S. National Security Agency.
 
U.S. officials who been telling since a while now that Kaspersky’s software have been used to subvert U.S. national security.
 
In a statement, Kaspersky said, it had stumbled on the code in 2014, a year earlier than the earliest media report.
 
Kaspersky said, as per its logs, the consumer version of its AV product had been analyzing questionable software from a U.S. computer when it found a zip file that it flagged as malicious.
 
On reviewing the file’s contents, an analyst discovered that it contained source code for a hacking tool that was later attributed to the Equation Group.
 
When the matter was reported to Kaspersky’s Chief Executive, Eugene Kaspersky, he ordered the company’s copy of the code be destroyed, said Kaspersky in a statement.
“Following a request from the CEO, the archive was deleted from all our systems,” said Kaspersky. It went on to add, third parties did not see the code, contrary to media reports which said the tool ended up in the hands of the Russian government.
 
On October 5, the Wall Street Journal (WSJ) reported, hackers working for the Russian government appeared to have targeted a NSA worker by using Kaspersky software to identify classified files.
 
On October 10, the New York Times reported that Israeli officials reported the operation to the United States after they hacked into Kaspersky’s network.
 
Kaspersky did not disclose whether the computer in which it found the hacking tool belonged to an NSA worker.
 
Kaspersky has denied the WSJ’s report that its anti-virus program searched for keywords including “top secret.”
 
According to the company, it found no evidence that its network had been hacked by Russian spies or anyone else other than Israelis; at the same time, it suggested that others may also have obtained a copy of the tools by hacking into the American individual’s computer through a back door, which it later spotted there.
 
The mention of the 2014 date gains significance since Kaspersky had announced the discovery of an espionage campaign by the Equation Group only in February 2015.
 
Significantly, Kaspersky did not say how often it takes uninfected, non-executable files, from a user’s computer.
 
According to former employees, the company used to use this technique to identify suspected hackers.
 
Interestingly, Kaspersky spokeswoman did not explicitly deny the claim but said it was a “false allegations.”



References:
reuters.com