Russian cybersecurity firm Kaspersky Lab admitted Wednesday that its antivirus program siphoned the source code for a secret National Security Agency hacking tool from a personal computer in the United States as the company continues to come under fire for its alleged ties to Russian intelligence.
Responding to unspecified media reports, Kaspersky said an internal investigation confirmed that a home version of its antivirus software incidentally swept up the NSA hacking tool during a routine malware scan of a customer’s computer in 2014.
A Kaspersky customer with the NSA code on their home computer ran the company’s antivirus scan after downloading and installing pirated software infected with malware, Kaspersky said. Kaspersky’s software detected the virus, according to the company, but also flagged new and unknown variants of other malware previously linked to the Equation Group, Kaspersky’s name for the sophisticated hacking outfit widely reported to be a division of the NSA.
The computer file containing the Equation Group code “was detected as malicious and submitted to Kaspersky Lab for analysis, where it was processed by one of the analysts,” Kaspersky said. “Upon processing, the archive was found to contain multiple malware samples and source code for what appeared to be Equation malware.”
“After discovering the suspected Equation malware source code, the analyst reported the incident to the CEO. Following a request from the CEO, the archive was deleted from all our systems,” Kaspersky said.
The file containing the hacking tool was not shared with any third parties, Kaspersky said.
Kaspersky’s explanation Wednesday comes on the heels of recent news reports accusing Russian state-sponsored spies of exploiting the company’s antivirus software to conduct espionage. The Wall Street Journal reported on Oct. 5 that Russian intelligence used Kaspersky software to steal classified software from the personal computer of an NSA worker, and a subsequent article published by The New York Times corroborated aspects of that report.
Kaspersky described the non-Equation Group malware detected by its antivirus scan as “a full blown backdoor which may have allowed third parties access to the user’s machine,” meaning anyone, Russian spies or otherwise, could have potentially hacked the NSA worker’s computer.
The U.S. Department of Homeland Security issued a directive Sept. 13 banning all federal agencies from using Kaspersky products, and Sen. Claire McCaskill, the ranking Democrat on the Homeland Security and Governmental Affairs Committee, wrote Acting Homeland Security Secretary Elaine Duke on Tuesday this week seeking answers about the removal of Kaspersky products from government computers.
“Kaspersky products present a clear security threat to the U.S.,” Ms. McCaskill, Missouri Democrat, wrote in the letter.
The Russian government has previously denied exploiting Kaspersky products to steal state secrets.