Kaspersky Lab on NSA’s Stolen Data: User Disabled the Antivirus on His Computer
Sputnik/ Kirill KallinikovTech09:06 26.10.2017(updated 09:04 26.10.2017) Get short URL
On Wednesday the Russian cyber-security giant Kaspersky Lab published the findings of an internal investigation into US media claims that Kaspersky’s software posed a risk to personal computers. The company said that the reason an NSA contractor’s machine appeared to have been “hacked” was, allegedly, because cyber safety rules were neglected.
MOSCOW (Sputnik) — Kaspersky Lab said it had conducted a review of its telemetry logs in relation to the reported incident and brought up a similar case from 2014 when its antivirus stumbled upon what appeared to be a malware source code file used by Equation Group, a hacking operation suspected of having NSA ties.
“The archive itself was detected as malicious and submitted to Kaspersky Lab for analysis, where it was processed by one of the analysts. Upon processing, the archive was found to contain multiple malware samples and source code for what appeared to be Equation malware,” the firm said in a statement.
According to Kaspersky Lab, the user involved turned off the antivirus program, installed pirated software, got infected and, when the antivirus was turned back on, it detected and automatically sent the file with the new, unknown samples of malware for analysis.
The finding was reported to CEO Eugene Kaspersky, who ordered to delete the archive “from all our systems.” The archive had never been shared with any third party and no similar upload had been made from the user’s computer, the company stressed.
Kaspersky Lab added its software had never been programmed to deliberately search for “non-weaponized” documents based on keywords like “top secret” and “classified.”
The Moscow-based company announced Equation Group’s discovery in February 2015, saying it had been active since at least 2001, with more than 60 actors. It said personal computers in 30 countries were found to have been infected with one or more spying programs.
Invitation for Kaspersky to Testify
The US House of Representatives committee on technology may invite Kasperksy Lab’s chief executive to testify at a hearing on the software firm’s alleged spying, Darin LaHood, the chair of the oversight subcommittee has said.
“We are open to that in the future… We have to wait and see on what else he [Eugene Kaspersky] says. We’ve just touched the surface,” LaHood told RIA Novosti after Wednesday’s hearing, at which the company’s representatives were not present.
The congressman said the committee would “most likely” have another hearing by the end of the year and would “make a determination” on whether the head of the Moscow-based company could attend. He added Congress appeared to doubt what he had to say.
“I think there is a lot of distrust in Mr. Kaspersky and his whole organization. At least I’m speaking for myself. There is a lot of distrust and I don’t think people [are] putting a lot of faith in what he has said to this committee and our investigators,” LaHood confessed.
The Kaspersky CEO told Sputnik in early October he was ready to appear in Congress to answer the questions directly.
The Wall Street Journal reported in early October that in 2015 Russian hackers had stolen classified data from a NSA contractor’s personal computer using Kaspersky software. In September, the US Homeland Security Department ordered state agencies to remove Kaspersky products, citing security risks. The firm has denied working for any government.