Antivirus industry damaged by the Kaspersky’case

Pierluigi Paganini August 17, 2015

Kaspersky sustains the Reuters’s story on Antivirus false positives is based on information provided by anonymous former KL employees which are not reliable

Some days ago, Reuters published a story about Kaspersky revealing that the Russian company was creating malicious codes to give them an upper hand against their direct competitors.

Eugene Kaspersky in the last days has been very active in his blog denying the accusations:

“The Reuters story is based on information provided by anonymous former KL employees. And the accusations are complete nonsense, pure and simple” Kaspersky wrote in a blog post.

“In 2012-2013, the anti-malware industry suffered badly because of serious problems with false positives.” This happened because “someone … spreading legitimate software laced with malicious code targeting specifically the antivirus engines of many companies.” All this was discovered in November 2012, and Eugene Kaspersky added “our products produced false positives on several files that were in fact legitimate. These were the Steam client, Mail.ru game center, and QQ client. An internal investigation showed that these incidents occurred as the result of a coordinated attack by an unknown third party.”

Eugene Kaspersky antivirus firm CEO

The events went on for a couple of months, with tweaked versions of these applications keep appearing creating the problem bigger to Antivirus companies.  In response the security industry held “a closed-door meeting among leading cybersecurity and other software industry players that also suffered from the attack – as well as vendors that were not affected by the problem but were aware of it.”.

“During that meeting the participants exchanged information about the incidents, tried to figure out the reasons behind them, and worked on an action plan. Unfortunately no breakthrough occurred, though some interesting theories regarding attribution were expressed”.

Many theories emerged and one of them was that AV companies were the ones creating these tweaked programs to give an upper hand in comparison with their competitors, and creating the chaos in the AV rivals.

“As far back as the late nineties I’d take with me to press conferences a placard with the word ‘No!’ on it. It saved me so much time. I’d just point to it when every third question was: Do you write viruses yourselves, for your product to then “cure” the infections”?

“Do they really think an 18+ year-old business built 100% on trust would be doing such things?”

Truth or not, Reuters article is not good for Kaspersky neither for the other Antivirus companies that see now their credibility going down the pipe.

Since years people suspected that Antivirus companies were behind some virus, and with the article out, I think people will disbelieve even more security firms developing Antivirus solutions, but let’s see how this will turn out.

About the Author Elsio Pinto

Elsio Pinto is at the moment the Lead Mcafee Security Engineer at Swiss Re, but he also as knowledge in the areas of malware research, forensics, ethical hacking. He had previous experiences in major institutions being the European Parliament one of them. He is a security enthusiast and tries his best to pass his knowledge. He also owns his own blog http://high54security.blogspot.com/

 

Pierluigi Paganini

(Security Affairs – Kaspersky, Antivirus)



you might also like

leave a comment