Click to Skip Ad
Closing in...

How the NSA Spied on Antivirus Companies to Make Undetectable Malware

Published Jun 22nd, 2015 10:30PM EDT
NSA GCHQ Spying Kaspersky Antivirus

If you buy through a BGR link, we may earn an affiliate commission, helping support our expert product labs.

Russian antivirus company Kaspersky revealed recently that it was the target of hackers behind the Stuxnet and Duqu worms last year. The hackers have been attacking the company’s network for months, collecting data on its operations and software. But it turns out that intelligence agencies including the NSA and GCHQ have spied on antivirus companies for years, looking for exploitable vulnerabilities.

DON’T MISS: Apple Rumored to be Working on a Crazy iPhone Design Change We Thought We’d Never See

The new report comes from newly leaked documentation from NSA-whistleblower Edward Snowden, who made them available to The Intercept.

According to the documents, these agencies were spying on antivirus companies as far back a 2008, looking at their malware-detecting capabilities and adapting malware threats undetectable by these programs to serve for their covert spying operations. By spying on antivirus companies from various countries and reverse-engineering their software, the NSA and GCHQ were looking to stay ahead of the game and make sure that these programs would not be able to detect their own spying software.

Kaspersky is also one of the targets of both agencies, being an especially hard nut to crack. The GCHQ tried to legally spy on Kaspersky, and did so for a brief period of time.

“Reverse engineering of commercial products needs to be warranted in order to be lawful,” a GCHQ agency memo said. “There is a risk that in the unlikely event of a challenge by the copyright owner or licensor, the courts would, in the absence of a legal authorization, hold that such activity was unlawful[…]”

When looking at Kaspersky’s operations, the NSA would spy on incoming email from customers, which would describe newly discovered threats. Out of the many reports, the spy agencies would select some 10 malicious files per day out of the hundreds of thousands that might arrive on a single day, study them, and repurpose the ones that can’t be detected by Kaspersky’s antivirus programs.

The full story about this new massive NSA and GCHQ spying operations is available at the source link.

Chris Smith Senior Writer

Chris Smith has been covering consumer electronics ever since the iPhone revolutionized the industry in 2008. When he’s not writing about the most recent tech news for BGR, he brings his entertainment expertise to Marvel’s Cinematic Universe and other blockbuster franchises.

Outside of work, you’ll catch him streaming almost every new movie and TV show release as soon as it's available.


Latest News