Kaspersky lab inside: how they are analyzing the viruses

Yesterday Roman Vasilenko from KL did a post on Gostev's personal blog. The article written in Russian is a stupid PR one and have no any intresting points except only one - the screenshot. The original screenshot was that. It is screenshot from a Dr.Web internal sandbox used for the virus analyzing inside Dr.Web virus laboratory and stollen by KL staff. good work of KL!

 

How could it be stolen by KL staff? If it is Dr.Web's, why there are no official news about this? Will there be any legal action?

 

R. Vasilenko is former Dr.Web virus analyst now working for E. Kaspersky

 

As far as I am concerned, who cares how KL analyze their viruses?!

 

It's about stealing technology, not how they analyze things.

 

what is this?:- "throw a bit of mud and hope something sticks"If these accusations were made anywhere else than on the web(or in parliment!) you'd probably find yourselves open to litigation

 

One thing is sure, the OP hates Kaspersky

 

So does this internal sandbox comes with a EULA for internal use only? I really do not think people at KL do not have an analyzing tool of their own. Maybe they will purchase license if needed but using a tool from a competitor without permission is a serious accusation.

 

Looks like all the other analysis tools you will find in AV labs usually. Where is the excitement?

 

How do you know he didn't make the software, and now Dr. can't use it?

 

Looks like a pretty ok tool to me.

 

Kaspersky´s viruses? and OMG
I hope they do not publish it in the wild ....

 

I really fail to see the point of this thread. Confusion, misunderstandings, FUD, mud throwing, more confusion and some extra confusion with sugar on top....

Does this lead anywhere, or can a mod release this thread from its suffering?

 

The poster meant viruses received/obtained by the Kaspersky virus analysis labs from various sources.........

Well, as for the thread, quite a few smoke and daggers here, but even if what has been claimed did really happen, I really doubt it is the first time.

What is for sure is that the original poster does seem strongly affiliated with Dr.Web.......

 

While it is possible that I'm going insane, those of you who have visited the first link would be able to verify my sanity: if you visit it now, is the background different Either the secureblog.info posting no longer has the background which was similar to the "Angar" post earlier or I need to sleep more

Anyway, from a technical perspective: the text within the programs was identical in formatting (the screen captures are of programs monitoring specific API calls) which is suspicious to say the least but the blue-on-dark-blue is a standard color scheme for a few different DOS text editors/viewers.

While it is possible that the researcher continued using the tool from the previous company, I'm not sure why as from the output shown, it just looks like a simple API tracer - something that both Dr. Web and Kaspersky have developed independently within their respective products.

EDIT: Thank you, Google Cache, for assuring me of my sanity (at least this time ):

http://74.125.95.132/search?q=cache....Win32.Injecter.diw"&cd=1&hl=en&ct=clnk&gl=us

I suspect there may be some foul play here and the author caught it and edited the pictures

 

really?
If they stealing, why they not producing their own viruses ....
what next Kaspersky terrorist organization
bad kaspersky

 

One person does not reflect the whole company's ideals.

 

(I think I speak for many people when I ask this) - What on earth are you talking about?

 

Regarding Kaspersky, I am more concerned because even after ten days they not add a signature of the virus sample that I sent them (DR/Agent.ofc alias Trojan.Dropper.TDU).

 

haven't they use our "Angar" sandbox since now? so, they can't work anymore

 

ohh, no, look at original screenshot changed quickly by the author

 

I think I see a fox in the bushes.

 

It was bought up in the comments, the Kaspersky guy said it was done at home and not at work so he wasn't "working" on behalf of Kaspersky when using the tool.

Followed by squabbles on copyrights, destroying media after employment ends and who really owns the tool because it was coded by two guys in their own time.

Amusing stuff.

P.S Can i have a copy also, it looks pretty cool.

 

I think he is just joking (while being a bit drunk ) Too much listening to bands like Einsturzende can lead to secondary effects Ok now it's me joking