Kaspersky defends his role in the violation of the NSA

Reuters

The Russian-headquartered anti-virus company Kaspersky Lab, has hit back at reports that he deliberately extract the files from a National Security Agency worker’s computer.

The allegations stem from a Wall Street Journal report in early October.

Russian hackers have used Kaspersky software to identify the classified files of NSA’s contractor of the home computer, they were then stolen, ” he said.

It later emerged Kaspersky has also copied the files from the PC itself.

Reuters

But we have already said that this was not deliberate and classified documents were destroyed.

He said that the researchers have studied malicious software created by “the Equation Group”, which is widely heard that Kaspersky is a code word for the NSA.

And this research has included the search for signatures relating to the well-known Equation of the activity on the machines running the company’s software.

September 11, 2014, the company reported one of its products is deployed on a home computer with an internet protocol (IP) address in Baltimore, Maryland near the place where the NSA is based, said what appeared to be variants of the malware used by the Equation Group.

Getty Images

Shortly after, the user has disabled the Kaspersky Lab anti-virus tool and downloaded and installed the software hacked by another, separate form of malware.

And when the Kaspersky product has been re-enabled, it also had to detect this malware and new variants of the Equation of malware inside an archive that 7zip – a file containing compressed documents.

This had been sent to Kaspersky Lab and contain known and unknown of the Equation tools, source code, and the classified documents indicating that the user of the computer had been the victim of the Equation, but one of its authors.

Eugene Kaspersky, the company’s founder and chief executive, had then ordered that the confidential data must be removed from the company’s systems, and in a few days it had been.

Getty Images

Kaspersky has kept the malware “binary”, the computer code necessary to enhance the protection of its customers.

“According to the security software industry standards, request a copy of an archive containing malware is a legitimate demand,” the company said.

“We also found no indication that the information has never left our corporate network.”

The Wall Street Journal report said that the Russian government had secretly monitored computers using Kaspersky software to spy on the AMERICAN government – and not necessarily with the knowledge of the company. The israeli intelligence services

Kaspersky denies the creation of “signatures” specifically designed for research top secret or classified documents.

And now she said that the only third-party intrusion into its networks was by Duqu 2.0 – malicious programs related to Israeli intelligence.

According to the Wall Street Journal report, the New York Times had reported that Israel had penetrated Kaspersky networks in 2014 and has alerted the united states to the possibility of Kaspersky software used for spying.

Kaspersky has also said that the distinct form of malicious software that are not related to the Equation of the Group that he had detected on the Maryland PC, was only the Smoke Bot or Smoke a Charger, a Trojan created by a hacker Russian in 2012, and sold on Russian underground forums. The target of choice

And during this period the command-and-control servers of the malware have been recorded in what appeared to be a Chinese entity.

“Given the fact that the owner of the network of potential clearance level, the user could have been a prime target of the nation states,” Kaspersky spokesman said.

Us federal agencies have now been told to remove all Kaspersky software from their computers.

Kaspersky spokesman said: “Kaspersky Lab security software, like all the other similar solutions by our competitors, has a privileged access to computer systems to be able to withstand severe malware infections and return control of the infected system to the user,” the company says in its press release.

“This level of access allows our software to see all the files on the systems that we need to protect. To access comes great responsibility.”