In the realm of antivirus software, few companies are as respected as Kaspersky Lab. Based out of Moscow, Kaspersky over the years has garnered a lot of praise for detecting and detailing some of the more sophisticated pieces of malware the world has ever seen, including the famed Stuxtnet computer worm and an even complex piece of malware known as Flame.
Without question, Kaspersky Lab is comprised of some of the best security researchers in the world, which is why a recent report from Reuters about Kaspersky Lab using its power, influence, and expertise to sabotage rival firms is especially disheartening.
Citing information provided by two former employees, Kaspersky Lab reportedly engaged in behavior to purposefully trick rival software into classifying otherwise benign files as malicious. Put differently, Kaspersky Lab actively and knowingly created fake malware.
The employees further added that such initiatives often involved months of work and centered on reverse engineering rival software programs as to better understand how to fool them. If these allegations are in fact true, it stands to reason that these campaigns to tarnish the reputations of rivals were the result of a concerted effort emanating down from the upper echelons of the company.
They said the secret campaign targeted Microsoft Corp, AVG Technologies NV, Avast Software and other rivals, fooling some of them into deleting or disabling important files on their customers’ PCs.
Some of the attacks were ordered by Kaspersky Lab’s co-founder, Eugene Kaspersky, in part to retaliate against smaller rivals that he felt were aping his software instead of developing their own technology, they said.
In a statement on the matter provided to Reuters, Kaspersky founder Eugene Kaspersky vehemently denied the allegations, noting that his company “never conducted any secret campaign to trick competitors into generating false positives to damage their market standing.”
Highlighting one technique reportedly carried out by Kaspersky, the report relays that company engineers would inject bad code into common PC software components and then send such files, anonymously of course, to a competitor. “If the doctored file looked close enough to the original,” Reuters writes, “Kaspersky could fool rival companies into thinking the clean file was problematic as well.”
Next thing you know, end-users begin experiencing funky computer problems with no solution in sight. After all, the very program they rely on to keep their system safe and secure is itself compromised.
In one specific example, a Microsoft researcher interviewed by Reuters recalled how there was a period of time in 2013 when consumers were complaining that Redmond’s own antivirus software was quarantining important printer files. Ultimately, Microsoft determined that thousands of harmless files were being falsely flagged as malicious.
Again, the allegations here against Kaspersky Lab are damning, which is why Eugene Kaspersky has aggressively come out and denied all such claims. Given Kaspersky’s stature within the security community, one can only hope that the Reuters report is false.
— Eugene Kaspersky (@e_kaspersky) August 14, 2015