Kaspersky has recently published the results of its investigation following claims that its antivirus software was used in an attack aimed at an NSA employee. The computer security firm blames malware-infected Microsoft software for the NSA hack and the theft of top-secret US intelligence materials.
Earlier reports indicated that Kaspersky’s antivirus software, which was running on the NSA worker’s home computer, was believed to be how Russian spies accessed the machine and stole important documents belonging to the NSA hacking unit dubbed Equation Group.
As for the software that facilitated the hack, Kaspersky says it wasn’t the antivirus software that allowed cybercriminals to breach the system but pirated Microsoft software.
According to Softpedia, the user downloaded and installed a pirated copy of Microsoft Office 2013 and used a key generator to bypass the activation process. Reports say that the Kaspersky Antivirus, which was installed on the system, was disabled manually in order to activate the pirated copy of Microsoft Office.
The company claimed that the computer was infected by other malware, including a Russian-made ‘backdoor tool,’ which was hidden in a pirated copy of Microsoft Office.
“The illegal activation tool contained within the Office ISO was infected with malware. The user was infected with this malware for an unspecified period while the Kaspersky Lab product was inactive. The malware consisted of a full-blown backdoor which could have allowed other third-parties to access the user’s machine,” the company said.
Kaspersky said that the malware was controlled from a computer server based in China and would have opened a path into the computer for anyone targeting an NSA worker.
The company says some of the NSA’s files ended up on its servers after the antivirus system detected a 7Zip archive file infected with the malware.
As per the antivirus policy, infected files were uploaded to Kaspersky for analysis. This detection took place on October 4, 2014. Once the classified documents were discovered, the infected file was deleted, and Kaspersky says the “archive was not shared with any third parties.”
Kaspersky is currently banned from computers used by the US government over claims that the company helped Russian spies’ attacks against American targets....