Stories
Slash Boxes
Comments

SoylentNews is people

Kaspersky Lab may have Faked Malware to Harm Rivals

posted by takyon on Saturday August 15 2015, @12:05PM   Printer-friendly
from the true-false-positive dept.

miljo writes:

Reuters has run a story claiming that Eugene Kaspersky directed developers at Kaspersky Lab to modify shared anti-virus definitions in order make other antivirus programs flag benign system files as malicious.

Beginning more than a decade ago, one of the largest security companies in the world, Moscow-based Kaspersky Lab, tried to damage rivals in the marketplace by tricking their antivirus software programs into classifying benign files as malicious, according to two former employees.

The attacks allegedly targeted rivals Microsoft, AVG, and AVAST who Kaspersky felt were stealing.

Some of the attacks were ordered by Kaspersky Lab's co-founder, Eugene Kaspersky, in part to retaliate against smaller rivals that he felt were aping his software instead of developing their own technology, they said. "Eugene considered this stealing," said one of the former employees.

Microsoft, AVG and Avast indicated that they had found attempts to introduce false positives as detailed in a 2013 presentation by Dennis Batchelder from Microsoft.

Kaspersky denies the allegations and tweeted this as the story broke.

I don't usually read @reuters. But when I do, I see false positives. For the record: this story is a complete BS...

Read the full story here: http://www.reuters.com/article/2015/08/14/us-kaspersky-rivals-idUSKCN0QJ1CR20150814

Original Submission

 
This discussion has been archived. No new comments can be posted.
Kaspersky Lab may have Faked Malware to Harm Rivals | Log In/Create an Account | Top | 22 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 5, Informative) by takyon on Saturday August 15 2015, @02:45PM

    by takyon (881) <takyonNO@SPAMsoylentnews.org> on Saturday August 15 2015, @02:45PM (#223274) Journal

    I submitted the Reuters story after miljo did. When I checked on the story later, I found some skepticism. From the Reuters story itself:

    Avast Chief Operating Officer Ondrej Vlcek told Reuters in April that he suspected the offenders were well-equipped malware writers and "wanted to have some fun" at the industry's expense. He did not respond to a request on Thursday for comment on the allegation that Kaspersky had induced false positives...

    Kaspersky said it had also improved its algorithms to defend against false virus samples. It added that it believed no antivirus company conducted the attacks "as it would have a very bad effect on the whole industry."

    http://www.theregister.co.uk/2015/08/15/kaspersky_comment/ [theregister.co.uk]

    White-hackers and infosec students also screw around with antivirus engine submissions, Gunter Ollmann, former CTO at IOActive, pointed out today. It's also almost certain that government malware writers run portions of their code through the detection systems to see if they are flagged up.

    Kaspersky Lab did do something along those lines back in 2010, but with a couple of crucial differences. Firstly, the firm was open about what it was doing and published the results of its findings. Secondly, you'd have to be mad to do this on a large scale because sooner or later the news would get out...

    Certainly some of his contemporaries don’t think Kaspersky is guilty on this one. Liam O’Murchu, manager of operations for Symantec and a keen competitor of Kaspersky, was quick to point out that as far as he was concerned, the story was most-likely wrong.

    We had investigated these attacks but could not find out who was behind them. We had some suspects, Kaspersky was not one of them.

    — Liam O'Murchu (@liam_omurchu) August 14, 2015

    --
    [SIG] 10/28/2017: Soylent Upgrade v14 [soylentnews.org]
    Starting Score:    1  point
    Moderation   +3  
       Informative=3, Total=3
    Extra 'Informative' Modifier   0  
    Karma-Bonus Modifier   +1  
    Total Score:   5  

  • (Score: 2) by captain normal on Sunday August 16 2015, @04:55AM

    by captain normal (2205) on Sunday August 16 2015, @04:55AM (#223455)

    I don't mistrust the folk at Kaspersky Lab. But they are now under the thumb of Putin, and I put him in about the same league as the Koch brothers. People the world would be a lot better off without.

    --
    The Musk/Trump interview appears to have been hacked, but not a DDOS hack...more like A Distributed Denial of Reality.

  • (Score: 1) by miljo on Monday August 17 2015, @12:59PM

    by miljo (5757) on Monday August 17 2015, @12:59PM (#223912) Journal

    I agree that the story had a certain odor to it. That's why I tried to keep a skeptical tone. I saw the register article after my submission and was hoping to add something later. Thanks for saving me the time, takyon.

    --
    One should strive to achieve, not sit in bitter regret.