Kaspersky tipped to be sabotaging rival anti-virus software

Russian security company Kaspersky is one of the most trusted names when it comes to software protection but, while a recent hacking incident may have portrayed it as a victim, it might not actually be that innocent after all. Two former employees, who of course desires to remain anonymous, reveals that Kaspersky has been covertly working to undermine rival anti-virus software by flagging innocent and important system files as malware, causing these other AV programs to delete those files, turning unsuspecting users into collateral damage in their wake.

Supposedly, Kaspersky's motives for this strategy was twofold. The first was to naturally gain an advantage in the anti-virus market, eroding the public's confidence in rival software from the likes of Microsoft, AVG, and Avast. The other reason was a sort of retaliation against companies whom Kaspersky felt was piggybacking on their intellectual property and hard work at finding malware.

For the past years, anti-virus companies both big and small have resorted to sharing their findings and samples of malware in order to better address the fast growing number of malware in the industry. They have taken to third party services like Google's VirusTotal as a sort of common database for such things. In 2010, Kaspersky complained about copycats and, with its call unheeded, it decided to take matters into its own hands.

To test just how much its rivals relied on, and implicitly trusted, its reports, in 2010 Kaspersky created 10 harmless files that it flagged as malicious on VirusTotal. In less than two weeks, 14 security companies simply copied Kaspersky's reports without digging deeper. Armed with the knowledge it can do much damage, it started to move with more force, injecting bad code into harmless and important files to make them look malicious and then submitting those to aggregators like VirusTotal to spread the misinformation and let other AV software quarantine or even delete those important files. Naturally, Kaspersky denies any such operation which it considers unethical and legally questionable. It argues that it was itself a victim of such a procedure in 2012.

Rival AV software makers like Microsoft and Avast do recall a period when they were flooded with false positives. While they frantically worked to get those fixed, they didn't try to hunt down where the source was. Either that or they're simply denying what they uncovered.

SOURCE: Reuters