News

Kaspersky found NSA malware through proprietary security software scan on private PC

By admin
Spread the love

Kaspersky has released preliminary results of its own investigation launched after media reports that an NSA employee had been hacked through his software. The company now claims it found NSA malware through a scan on a private PC.

Kaspersky writes that it has conducted an extensive investigation of its telemetry logs after media reported that hackers had stolen NSA malware via security software from the home computer of a subcontractor working for the US security service. According to previous reports, that happened in 2015, but Kaspersky now reports that it is only aware of an incident in 2014. The investigation focused on this incident, which revealed that Kaspersky had indeed detected NSA malware on a US home computer.

This happened to a user who participated in the Kaspersky Security Network, with which the company collects information from its users to, for example, detect new forms of malware. In addition, the user concerned had enabled the automatic submission of new samples. From the log files, Kaspersky determined that the user downloaded a keygen for Microsoft Office and ran it while disabling the security software.

It turned out that the keygen contained a backdoor, as the Kaspersky software was later re-enabled to detect and block the malware. The user then ran several scans of his system, during which the software discovered new and unknown NSA malware. Underneath was a 7zip archive that was sent in its entirety to Kaspersky for analysis. It contained various samples and source code of NSA malware. Following a report to Kaspersky’s CEO, the malware was removed from all Kaspersky systems. After that, no other incidents are said to have occurred and no intruder on Kaspersky’s networks has been detected, apart from the incident that was already known.

Kaspersky announced in 2015 that it had found a hacker group with possible ties to the NSA, also known as the Equation Group. The malware that the company detected also attributes it to this group. The software of the Russian security company is no longer in use by the American government for fear that the Russian government would spy with it. Major American chains such as Best Buy have also stopped selling. Kaspersky denies the allegations of aiding espionage.

You might also like
News

Rumor: Apple is working on its own applications based on a large language model

News

Blizzard will release certain games via Steam, starting with Overwatch 2

News

EU Council determines position on security requirements for digital products

News

Microsoft and Activision Blizzard postpone acquisition deadline until October

News

Citrix warns of critical vulnerability in NetScaler ADC and Gateway

News

Samsung develops first GDDR7 chips, mentions bandwidths of up to 32Gbit/s per pin