Kaspersky Categorically Denies Report That It Sabotaged Competing Antivirus Software
Not surprisingly, Kaspersky is a bit prickly about the whole thing.
“Contrary to allegation made in a Reuters news story, Kaspersky Lab has never conducted any secret campaign to trick competitors into generating false positives to damage their market standing,” the company said in a statement. “Such actions are unethical, dishonest and illegal. Accusations by anonymous, disgruntled ex-employees that Kaspersky Lab, or its CEO, was involved in these incidents are meritless and simply false.”
Kaspersky actually has some history with putting false information into the wild, but that particular incident was much more benign than the attack it’s accused of engaging in now. The company put some harmless files into a malware collection pool, Google’s VirusTotal, then showed the media that many antivirus programs were detecting the files as harmful. It was a fairly dramatic way for Kaspersky to give some credibility to its beef that other companies were picking up Kaspersky’s research without performing enough analysis of their own – essentially piggybacking on Kaspersky’s work.
“After the experiment, we made it public and provided all the samples used to the media so they could test it for themselves,” Kaspersky said in the statement. “We conducted the experiment to draw the security community’s attention to the problem of insufficiency of multi-scanner based detection when files are blocked only because other vendors detected them as being malicious, without actual examination of the file activity (behavior).
Obviously, there’s a world of difference between popping some fake malware into VirusTotal to prove a point and actually injecting bad code into important files to cripple computers. Kaspersky came out with a vocal defense shortly after the Reuters report appeared and it hasn’t wavered in denial since – pointing out that it, too, has suffered from bad files that appeared in VirusTotal.
Although Microsoft has mentioned seeing evidence that it has been a target of such an attack, the company hasn’t come anywhere near accusing Kaspersky (or anyone else) of being responsible. For now, it’s a he said/they say, with the “he” being anonymous sources.