Back to Blog

Kaspersky: Yes, we obtained NSA secrets. No, we didn’t help steal them

November 18, 2017

By: Sikur

Capturar

By DAN GOODIN

For almost two months in 2014, servers belonging to Moscow-based Kaspersky Lab received confidential National Security Agency materials from a poorly secured computer located in the United States that stored the files, most likely in violation of US laws, company officials said.

The classified source code, documents, and executable binaries were stored on a computer that used an IP address reserved for Verizon FIOS customers in Baltimore, about 20 miles from the NSA’s Fort Meade, Maryland, headquarters, Kaspersky Lab said in an investigation report it published early Thursday morning. Starting on September 11, 2014 and running until November 9 of that year, Kaspersky Lab servers downloaded the confidential files multiple times after the company’s antivirus software, which was installed on the machine, found they contained malicious code from Equation Group, an NSA-linked hacking group that operated for at least 14 years before Kaspersky exposed it in 2015.

The downloads—which, like other AV software, the Kaspersky program automatically initiated when it encountered suspicious software that warranted further inspection—included a 45MB 7-Zip archive that contained source code, malicious executables, and four documents bearing US government classification markings. A company analyst who manually reviewed the archive quickly determined it contained confidential material. Within a few days and at the direction of CEO and founder Eugene Kaspersky, the company deleted all materials except for the malicious binaries. The company then created a special software tweak to prevent the 7-Zip file from being downloaded again.

“The reason we deleted those files and will delete similar ones in the future is two-fold,” Kaspersky Lab officials wrote in Thursday’s report. “We don’t need anything other than malware binaries to improve protection of our customers and secondly, because of concerns regarding the handling of potential classified materials. Assuming that the markings were real, such information cannot and will not [be] consumed even to produce detection signatures based on descriptions.”

MORE: https://arstechnica.com/information-technology/2017/11/kaspersky-yes-we-obtained-nsa-secrets-no-we-didnt-help-steal-them/

Contact us

Safety is essential to your decision making. We are sure that our team can clarify any doubts. After all, we understand security.

contact@sikur.com

Follow us

Try SIKUR





Contact Us
First Name*
Last Name*
E-mail*
Mobile Number*
Company*
Country*
Tell us what do you need* ?
Products: Hold CTRL+Click to add more than 1.* ?
Comments
I agree to the Privacy Policy and Terms of Service.