Kaspersky Lab on NSA's Stolen Data: User Disabled the Antivirus on His Computer

© Sputnik / Kirill Kallinikov / Go to the mediabankRansomware attacks global IT systems
Ransomware attacks global IT systems - Sputnik International
On Wednesday the Russian cyber-security giant Kaspersky Lab published the findings of an internal investigation into US media claims that Kaspersky's software posed a risk to personal computers. The company said that the reason an NSA contractor's machine appeared to have been "hacked" was, allegedly, because cyber safety rules were neglected.

MOSCOW (Sputnik) — Kaspersky Lab said it had conducted a review of its telemetry logs in relation to the reported incident and brought up a similar case from 2014 when its antivirus stumbled upon what appeared to be a malware source code file used by Equation Group, a hacking operation suspected of having NSA ties.

"The archive itself was detected as malicious and submitted to Kaspersky Lab for analysis, where it was processed by one of the analysts. Upon processing, the archive was found to contain multiple malware samples and source code for what appeared to be Equation malware," the firm said in a statement.

According to Kaspersky Lab, the user involved turned off the antivirus program, installed pirated software, got infected and, when the antivirus was turned back on, it detected and automatically sent the file with the new, unknown samples of malware for analysis.

The finding was reported to CEO Eugene Kaspersky, who ordered to delete the archive "from all our systems." The archive had never been shared with any third party and no similar upload had been made from the user’s computer, the company stressed.

Kaspersky Lab - Sputnik International
US Lawmaker Asks Trump Administration to Declassify Kaspersky Lab Information
Kaspersky Lab added its software had never been programmed to deliberately search for "non-weaponized" documents based on keywords like "top secret" and "classified."

The Moscow-based company announced  Equation Group's discovery in February 2015, saying it had been active since at least 2001, with more than 60 actors. It said personal computers in 30 countries were found to have been infected with one or more spying programs.

Invitation for Kaspersky to Testify

The US House of Representatives committee on technology may invite Kasperksy Lab's chief executive to testify at a hearing on the software firm’s alleged spying, Darin LaHood, the chair of the oversight subcommittee has said.

"We are open to that in the future… We have to wait and see on what else he [Eugene Kaspersky] says. We've just touched the surface," LaHood told RIA Novosti after Wednesday’s hearing, at which the company's representatives were not present.

December 22, 2015. Head of Kaspersky Lab Yevgeny Kaspersky near the Lab's stand during the exhibition of Russia's first Internet Economy Forum - Sputnik International
Kaspersky CEO Calls Allegations of Spying on US Citizens 'Groundless Paranoia'
The congressman said the committee would "most likely" have another hearing by the end of the year and would "make a determination" on whether the head of the Moscow-based company could attend. He added Congress appeared to doubt what he had to say.

"I think there is a lot of distrust in Mr. Kaspersky and his whole organization. At least I'm speaking for myself. There is a lot of distrust and I don't think people [are] putting a lot of faith in what he has said to this committee and our investigators," LaHood confessed.

The Kaspersky CEO told Sputnik in early October he was ready to appear in Congress to answer the questions directly.

The Wall Street Journal reported in early October that in 2015 Russian hackers had stolen classified data from a NSA contractor's personal computer using Kaspersky software. In September, the US Homeland Security Department ordered state agencies to remove Kaspersky products, citing security risks. The firm has denied working for any government.

To participate in the discussion
log in or register
Заголовок открываемого материала