Russian antivirus was used to obtain classified information

Share

"There are no plans to warn against the use of Kaspersky products since the BSI has no evidence for misconduct by the company or weaknesses in its software", BSI said in an emailed response to questions about the latest media reports.

As of 2016, the software has about 400 million users and has the largest market-share of cybersecurity software vendors in Europe.

The Israeli officials who hacked into Kaspersky's network over two years ago then warned their U.S. counterparts of the Russian intrusion, said the New York Times, which first reported the story.

Kaspersky Lab has repeatedly denied any knowledge of, or involvement in, Russian hack1ing.


The Russian government has used popular antivirus software for the search of secret documents around the world. Nor is it evidently connected to a parallel leak of hacking data from the Central Intelligence Agency to WikiLeaks, which has posted classified Central Intelligence Agency documents regularly under the name Vault7. That's how Russian hackers used the software to steal NSA information, the report notes. And given such Russian hacking operation were discovered some time ago, there's a chance that Kaspersky may have patched a backdoor, if it indeed existed, as part of its regular software updates.

"Antivirus is the ultimate back door", Blake Darché, a former NSA operator and co-founder of Area 1 Security. Acting Department of Homeland Security Secretary Elaine C Duke cited the "information security risks" presented by Kaspersky and said the company's antivirus and other software "provide broad access to files" and "can be exploited by malicious cyber actors to compromise" federal computer systems. Kaspersky dubbed the effort "Duqu 2.0" and drew a connection between methods used in the new intrusion and those employed by Stuxnet, a cyber weapon developed for use against Iran by the USA and Israel.

Since then, USA intelligence agencies have been able to confirm that the antivirus software can be used to search computers for classified materials. Kaspersky Lab and Interpol agreed upon a new cooperation phase, where the Russian antivirus solutions provider will promptly provide the law enforcement authority with data regarding the newest cyber-threats, the company said on Thursday.

Share