Slashdot Mirror

← Back to Stories (view on slashdot.org)

Former Employees Accuse Kaspersky Lab of Faking Malware

Posted by Soulskill on from the poisoning-the-rival-well dept.

An anonymous reader writes: Reuters reports that two former employees of Moscow-based Kaspersky Lab faked malware to damage the reputations of their rivals. The alleged campaign targeted Microsoft, AVG, Avast, and others, tricking them into classifying harmless files as viruses. The ex-employees said co-founder Eugene Kaspersky ordered some of the attacks as retaliation for emulating his software. The company denied the allegations, and Kaspersky himself reiterated them, adding, "Such actions are unethical, dishonest and their legality is at least questionable." The targeted companies had previously said somebody tried to induce false positives in their software, but they declined to comment on the new allegations. "In one technique, Kaspersky's engineers would take an important piece of software commonly found in PCs and inject bad code into it so that the file looked like it was infected, the ex-employees said. They would send the doctored file anonymously to VirusTotal." The alleged attacks went on for more than 10 years, peaking between 2009 and 2013.

3 of 90 comments (clear)

  1. Re:Free alternatives? by idbeholda · · Score: 5, Interesting

    http://tot-ltd.org/techinf.htm...

    Project I've been working on for the past 15 years. Take it or leave it.

  2. Provably impossible by Ungrounded+Lightning · · Score: 3, Interesting

    ... where you analyze the executable and then based off that determine if it's malicious or not.

    That's provably impossible. It's trivial to convert it to the halting problem.

    --
    Bantam Dominique roosters crow a four-note song. Once you've heard it as "Happy BIRTHday" you can't NOT hear it that way
  3. NSA FUD demonising Russia by Anonymous Coward · · Score: 0, Interesting

    Dice has an ongoing policy of running stories that demonise Iran and Russia, and lionise Israel and Saudi Arabia. Go check Slashdot's history across the last two years if you don't believe me.

    The GRAIN of truth here is the tedious fact that many anti-trojan programs throw up false-positives (quite deliberately) when spotting common code-morphing, or too many DLL hooks in a .exe. CLEAN game cracks used to play pirate copies are notorious for being FALSELY flagged as trojan infected code- and you can guess who pays for this state of affairs.

    The NSA infamously produced a 'witness' to Saddam's NON-EXISTENT WMD program, and this witness (later fully discredited in even the press Dice wishes you to read) was the justification for Tony Blair's invasion of Iraq. Part of the job of the NSA is to CREATE fake witnessed to claimed malfeasance by target nations and companies. So here we have "BORIS THE CODER" telling us what 'bad boys' Putin's software companies are.

    Which of you Betas are so mega-stupid, you'll fall for Dice's crude psy-ops tricks.