Kaspersky Lab co-founder Eugene Kaspersky has published a blog post responding to a Reuters report that claims the company spent more than a decade creating fake malware to trick competitors’ anti-virus solutions into generating false positives.
“Oh yes,” Kaspersky wrote. “But they forgot to add that we conjure all this up during steamy banya sessions, after parking the bears we ride outside.”
Two former Kaspersky Lab employees told Reuters the company targeted competitors including Microsoft, AVG Technologies and Avast Software, spending weeks or months reverse-engineering the competitors’ solutions with the aim of tricking them into identifying benign files as malware.
Some of the attacks were directly ordered by Eugene Kaspersky, the former employees alleged, in response to competitors copying his software instead of developing their own solutions. “Eugene considered this stealing,” one said.
In his response, Eugene Kaspersky questioned the credibility of an article based entirely on the allegations of two former employees. “Disgruntled ex-employees often say nasty things about their former employers, but in this case, the lies are just ludicrous,” he wrote.
In 2012 and 2013, Kaspersky wrote, all companies in the anti-malware industry were affected by a serious problem with false positives, including Kaspersky Lab. “It turned out to be a coordinated attack on the industry: someone was spreading legitimate software laced with malicious code targeting specifically the antivirus engines of many companies, including KL,” he noted. “It remains a mystery who staged the attack, but now I’m being told it was me!”
In a forum discussion of the allegations, an anonymous commenter wrote, “I’d find this very surprising, if true. When I worked for a company that was essentially developing malware, we were able to get ourselves whitelisted by most anti-virus software (either by going through an automated submission process, or outright bribery). The only one who wouldn’t budge on principle, no matter what we offered, was Kaspersky.”
Bromium chief security architect Rahul Kashyap told eSecurity Planet that the allegations are a jolt for the security industry. “The AV malware samples exchange amongst vendors is based on trust, and this report claims that was breached,” he said. “The ramifications are quite high — many users suffered in this process with crippled PCs, and many firms actually lost business. Besides the huge impact of the claim, there are two other issues this report brings out – the challenges of reliably attributing and the fragility of [the] anti-virus ‘system.’”