Report Claims Kaspersky Faked Malware to Trip Up Competitors’ Products
While there have been incidents reported by Microsoft, Symantec, and others of attacks by outside parties aimed at creating false positives by submitting “junk” files as malicious, none had publicly suspected Kaspersky of creating them. Microsoft’s Dennis Batchelder and Hong Jia reported such attacks in a presentation at the Virus Bulletin conference (PDF) in October 2013. The files were in some cases widely shared by antivirus vendors, and some were submitted anonymously over the Tor network.
Liam O’Murchu, a reverse engineer and security researcher at Symantec, acknowledged similar attacks on Symantec’s products in a post to Twitter, saying, “We had investigated these attacks but could not find out who was behind them. We had some suspects, Kaspersky was not one of them.”
According to the two former employees cited by Reuters, Kaspersky Lab employees have been spreading these types of faked malware fragments for the past decade as part of a campaign to undermine competitors’ malware protection tools, in some cases at the direct order of cofounder Eugene Kaspersky. One of the former Kaspersky Lab employee told Reuters that Kaspersy felt that some malware providers were too closely copying Kaspersky Lab’s software, and “Eugene considered this stealing.” Company researchers were assigned for months at a time to reverse engineer competitors’ software to determine how to trick them into falsely identifying good files as potential malware, according to the Reuters report.
More: Report Claims Kaspersky Faked Malware to Trip Up Competitors’ Products