CATEGORIES
home News

Kaspersky Accused Of Using Fake Malware To Sabotage Competing Antivirus Software

by Rob WilliamsFriday, August 14, 2015, 03:50 PM EDT

It's not a great day for Russia-based Kaspersky Lab, as some of its former employees have come forward (anonymously) with information that indicates that some dastardly deeds were conducted by the company. Ultimately, it's said that Kaspersky wanted to harm its competition because they wouldn't stop stealing its work.

The allegation is that Kaspersky Lab had select employees purposely inject bad code into normal, common files, so that its competitors could pick them up as malicious, and in the worst case, delete them from a user's PC. That could result in broken software or perhaps even a broken operating system.

VirusTotal
The attack on competitors was made possible with Google's VirusTotal

This was made possible with the help of Google's VirusTotal service, although Google is at no fault here. VirusTotal is the result of collaboration between different anti-virus makers; each one of them can submit an infected file to the service, mark it as malicious, and let other anti-virus makers absorb that information into their own solutions. Apparently a couple clearly did.

In particular, these employees say that the biggest target was Microsoft, but it also targeted AVG and Avast. Kaspersky is adamant that it is innocent, saying to Reuters, "Our company has never conducted any secret campaign to trick competitors into generating false positives to damage their market standing. Such actions are unethical, dishonest and their legality is at least questionable."

While he doesn't call out Kaspersky directly, Microsoft's antimalware research director Dennis Batchelder did have an experience to relay. In March of 2013, users complained about a printer-related file being put into quarantine, and after some research, the company found that the code in the file looked similar to another one that it previously added to its detection engine as malicious. He says that the root cause of this was someone injecting bad code into a normal file, obviously to target this file in particular.

Kaspersky Research Lab
Kaspersky's European Research Lab

Kaspersky defends itself to say that it experienced a similar attack, if you want to call it that, in November of 2012, when an "unknown" third party tricked its own detection engine into misclassifying select regular files, including some related to Valve's Steam client.

It's hard to tell where this is going to go, as all of the "victim" companies are keeping mum right now. If there's an upside to any of this, it's that this kind of trick is harder to pull off, as anti-virus makers have become a bit less trusting of their competitors, and as a result are working harder on their own solutions without help of those same competitors.

Tags:  Kaspersky, NASDAQ: MSFT
TOP CONVERSATIONS
Your Next PC Platform?
More Results
KEEP INFORMED
SITE

Home

Reviews

News

Blogs

Full Site

Sitemap

CATEGORIES

PC Components

Systems

Mobile

IT Infrastructure

Leisure

Videos

COMPANY

About

Advertise

News Tips

Contact

Privacy And Terms

HotTech

MORE

Accessibility

Shop

STAY CONNECTED

Twitter

Facebook

YouTube

RSS

As an Amazon and Howl Technologies Associate, HotHardware earns a commission from qualifying purchases made on this site. This site is intended for informational and entertainment purposes only. The contents are the views and opinion of the author and/or his associates. All products and trademarks are the property of their respective owners. Reproduction in whole or in part, in any form or medium, without express written permission of Hot Hardware, Inc. is prohibited. All content and graphical elements are Copyright © 1999 - 2024 David Altavilla and Hot Hardware, Inc.
All rights reserved. Privacy and Terms - Accessibility Commitment