Kaspersky allegedly faked malware to sabotage rivals

A new report claims that Kaspersky Lab, a leading Russia-based Internet security firm, attempted to sabotage competitors’ antivirus software for nearly 10 years by allegedly inducing false positive malware detections. The Reuters report claims that Kaspersky, which currently has roughly 400 million users and 270,000 corporate clients, was engaged in a secret campaign to ruin smaller competitors.

According to the report, Kaspersky researchers were assigned to work for months at a time on “sabotage projects” to reverse-engineer competitors’ virus detection software and find out how to fool it into flagging clean files as malicious.

“Some of the attacks were ordered by Kaspersky Lab’s co-founder, Eugene Kaspersky, in part to retaliate against smaller rivals that he felt were aping his software instead of developing their own technology,” it said.


The two former employees who are the source of the Reuters report described Kaspersky’s system of altering important software files shared by most PCs so as to make the harmless files look potentially dangerous. The altered files would then be uploaded to Google’s VirusTotal malware aggregator, a resource that anti-virus companies use to ensure their databases are up to date. Because the modified files looked so similar to the original files, rivals would find false positives and use unnecessary resources to combat or debunk the perceived threats, needlessly disabling the files on users’ computers and tarnishing the rivals’ reputations and perceived bug-spotting accuracy.

The employees claim that Kaspersky carried out such behaviour for more than a decade, even going as far as to reverse-engineer rival products in order to pinpoint exactly how they spotted threats. In particular, these employees say that the biggest target was Microsoft, but that the company also targeted AVG and Avast.

Kaspersky Lab denied the charges levelled against it. “Our company has never conducted any secret campaign to trick competitors into generating false positives to damage their market standing,” the company said in a statement to Reuters. “Such actions are unethical, dishonest and their legality is at least questionable.”

In a tweet Friday, Kaspersky himself called the story “complete BS.”

The charges, though, may be hard to disprove. It is worth noting that major players have an interest in discrediting Kaspersky. The company has reportedly been the target of hacks by both the NSA and its British counterpart, GCHQ, in efforts to subvert its antivirus software, and Kaspersky made few friends in the Western intelligence community after exposing the Stuxnet and Flame viruses used against Iranian nuclear facilities several years ago.

But if true, the accusations could be devastating to Kaspersky Lab, which bills itself as the world’s largest private Internet security firm at the moment.
