Kaspersky confirms what Israel knew: Russian firm stole classified US information with its software


(JTA) — The Russian company Kaspersky Lab confirmed that it had taken source code for a secret American hacking tool via its antivirus software.

The company’s internal investigation came after Israeli intelligence discovered that Russian hackers were using the antivirus software to steal classified information from the United States.

Kaspersky’s anti-virus program is used by 400 million people worldwide, including officials at about two dozen American government agencies.

Source code for a secret American hacking tool was stolen from a National Security Agency employee who had improperly stored them on his home computer, which used Kaspersky antivirus software.

The company said it discovered the code in 2014 in a ZIP file that its software flagged as malicious. Kaspersky said it destroyed its only copy and that no third parties saw the code, though other reports dispute the claim.

According to Kaspersky, it found no evidence that the company had been hacked by the Russians or anyone else except Israel, though it suggested others could have hacked into the American official’s computer through a back door it identified.

The hack was discovered by the company a year later and publicly reported, though it did not name Israel as the culprit. Kaspersky’s report did state, however, that the program was similar to the Duqu virus, which allows the hacker to eavesdrop on conversations and steal electronic files.

Duqu was attributed to the inventors of Stuxnet, the computer worm that set back Iran’s nuclear program by several months or years by affecting some of its computer systems and centrifuges used to enrich uranium after it was released in 2010. Stuxnet was reported to be a joint project of Israel and the United States.

Recommended from JTA