Reuters: Russian antivirus firm faked malware to harm rivals

Discussion in 'other anti-virus software' started by vlk, Aug 14, 2015.

  1. Macstorm

    Macstorm Registered Member

    Joined:
    Mar 7, 2005
    Posts:
    2,642
    Location:
    Sneffels volcano
    Shouldn't have this been posted in the naive jokes section?
     
  2. Eggnog

    Eggnog Registered Member

    Joined:
    Nov 17, 2012
    Posts:
    129
    Location:
    United States
    I'm certainly no Kaspersky apologist, but jumping to conclusions based on the statements of two former employees, when nothing has been corroborated, seems unwise.
     
  3. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    14,881
    Location:
    Slovenia, EU
    I totally agree. If the story is true...
     
  4. Doesn't surprise me. AV industry is a dirty business. Everyone is competing for profits. I'm glad I use Linux. The only AV company I respect is Emsisoft.
     
  5. RejZoR

    RejZoR Lurker

    Joined:
    May 31, 2004
    Posts:
    6,426
    The thing is, modified and crafted files do not affect legit files found on user systems in regard of detection from other products than Kaspersky. If Kaspersky did in fact modify files and uploaded them to VirusTotal just to see the reaction of competitors, those files had different size, different hash and would be without a valid digital signature if one was present originally on legit clean files. Meaning we are again returning to the "lazy town" of companies that just blindly add files to detection without doing proper inspection and proper false positives checking. And Kaspersky just proved that point by probing what competitors do this.
     
  6. Nevis

    Nevis Registered Member

    Joined:
    Aug 28, 2010
    Posts:
    812
    Location:
    255.255.255.255
    Who isn't working for profits :d
    Non one works for charity. Competitiveness is what drives innovation. And yes, I am also a open source and linux supporter but I am not against paid things.

    As far as dirty work, it is there in every business, such as telecom, Bank, investments, Food items etc etc. You just don't realize it.
    PS: Sorry for drifting off topic a bit.
     
  7. There is a fine you don't cross. If Kaspersky did this then they should be ashamed. It's called anti competitive behavior. You get sued for that.

    And what about all the money Kaspersky gets from leasing it's signature database to other AV/Malware companies? Are they "stealing" from Kaspersky?

    You have to keep in mind that Kaspersky is a Russian company. They don't play by the rules that western companies do otherwise they would be sued.

    Remember that Kaspersky has a very good spin and PR machine that backs the company. They have lied in the past when issues were exposed.
     
  8. Solarlynx

    Solarlynx Registered Member

    Joined:
    Jun 25, 2011
    Posts:
    2,015
    But when Kaspersky plays in the western market isn't it to comply with the western rules? If any violations happen they can be sued in the western market. Were any trials?
     
  9. PallMall

    PallMall Guest

    I always admire the fact of giving priority to ethics over efficiency. With what this implies. Like preferring a lesser quality anti-virus software provided the fact the company hasn't transgressed our grand moral standards, like spitting on a company known for it's high quality software on the basis of allegations, speculations at this time.

    I'm far from such a noble attitude. I choose an anti-virus/malware on the basis of its efficiency and I admit that allegations concerning the company's behavior, should they be proven, have not one incidence on my choice.
     
  10. RejZoR

    RejZoR Lurker

    Joined:
    May 31, 2004
    Posts:
    6,426
    But leeching on your work somehow isn't? And if you think western companies play by the rules, I can only laugh at that. Intel for example is as western as a company can get and yet they play it as dirty as it's legally possible by twisting and bending laws to their very limits. And they aren't the only ones...
     
  11. CloneRanger

    CloneRanger Registered Member

    Joined:
    Jan 4, 2006
    Posts:
    4,978
    What would you do if you owned a software company, & others were constantly ripping you off over many years ?
     
  12. mnosteele

    mnosteele Registered Member

    Joined:
    Oct 19, 2003
    Posts:
    194
    Location:
    Chesapeake, VA USA
    Look who started this thread...... I believe that gives this story merit.
     
  13. Dermot7

    Dermot7 Registered Member

    Joined:
    Dec 20, 2009
    Posts:
    3,430
    Location:
    Surrey, England.
  14. JimmyJames321

    JimmyJames321 Registered Member

    Joined:
    Apr 6, 2015
    Posts:
    47
    ~ Removed Quote Remarks From a Deleted Post ~

    See how different persons would come to different conclusions given the same fact ! : )

    For me as I said before, more evidence and revelation needed to make it a concrete accusation. (Presumed innocent unless and until proven guilty)
     
    Last edited by a moderator: Aug 15, 2015
  15. PallMall

    PallMall Guest

    Should the allegations be proven or not the question you submit is pertinent. Whatever, I remain stunned about the facility, promptness of so many among us (I mean the planet not the site even less the thread itself!) to deploy violent pseudo-revolts crafted with total haste when it comes to accuse a person, a company, even when the context is that of allegations. Amazing how our psychology very often seems to try to conciliate a natural need for haste with the first opportunity it feels as able to legitimate its propensity for spitting.
     
    Last edited by a moderator: Aug 15, 2015
  16. wshrugged

    wshrugged Registered Member

    Joined:
    Jun 12, 2009
    Posts:
    266
    According to the OP story (again, it must be said, IF it's true) :
    http://www.reuters.com/article/2015/08/14/us-kaspersky-rivals-idUSKCN0QJ1CR20150814

    I interpret that as meaning end users were affected without notification as to the facts. Maybe I'm wrong. If you read Eugene Kaspersky's response :
    https://eugene.kaspersky.com/2015/08/14/the-abracadabra-of-anonymous-sources/

    To me, this shows the mechanism that attackers (whoever they might be) could use to cause FPs on end user machines.

    My initial post was a reaction to the lack of consideration in the thread towards end users. I'm sick to death of the constant black cloud of uncertainty and misdirection that exists in the security world. I know confidentiality, thus uncertainty, is part of its very nature but it seems to me the industry's behaviors have gone far beyond that. Maybe I need to step back from reading about it as much as I have recently.

    We're talking about a story that may not be true. The media has proven time and again to be untrustworthy (blood suckers of a different sort). I'm with you in the goal of exposing the leeches involved in the security industry. If end users are used as part of that process, they should be notified.
     
  17. RejZoR

    RejZoR Lurker

    Joined:
    May 31, 2004
    Posts:
    6,426
    Again, how do you FOOL a competitor into doing this? It's not like they hacked their servers and altered their definitions or anything...
     
  18. roger_m

    roger_m Registered Member

    Joined:
    Jan 25, 2009
    Posts:
    8,627
    @RejZoR I think the article explains quite well, how Kasperky allegedly did it. If Kaspersky shared their samples with other vendors that I think it could be possible.

    To make it clear, I'm not saying that I believe what has been claimed is true. But, I do believe it could be possible to do what was claimed.
     
  19. Amanda

    Amanda Registered Member

    Joined:
    Aug 8, 2013
    Posts:
    2,115
    Location:
    Brasil
    Please, read the article:

    Their chief task was to reverse-engineer competitors' virus detection software to figure out how to fool them into flagging good files as malicious, the former employees said.
     
  20. emmjay

    emmjay Registered Member

    Joined:
    Jan 26, 2010
    Posts:
    1,541
    Location:
    Triassic
    So what happens next?

    Allegations have been publicly made and a response given by the accused - full denial. Those implicated by association , e.g. other AV companies, Virus Total and MS have refused to comment. The accusers are anonymous (assumed Russian) ex-employees - the reason for anonymity left to speculation. The messenger (media) shapes the news, therefore not trustworthy.

    Swinging Bait : The Media usually picks up on stories like this however they just regurgitate the original story . The Talking Heads' get to spout their usual claptrap.

    Houdini Act: The Russians could bury it (including the ex-employees ! ).

    Legal Action: By whom and for whom? Not expected as the victim is the user whether the story is true or not.
     
  21. RejZoR

    RejZoR Lurker

    Joined:
    May 31, 2004
    Posts:
    6,426
    Again, how does that affect them.
    How does this affect others unless they are in fact guilty of harvesting Kaspersky's work?
     
  22. Amanda

    Amanda Registered Member

    Joined:
    Aug 8, 2013
    Posts:
    2,115
    Location:
    Brasil
    AGAIN: Read the article.

     
  23. UnknownK

    UnknownK Registered Member

    Joined:
    Nov 3, 2012
    Posts:
    160
    Location:
    Unknown
    I wonder why western media has only bad things to say about kaspersky in recent times. It's not "leading" antivirus firm, it's always "Russian" antivirus firm in the headlines.
     
  24. boredog

    boredog Registered Member

    Joined:
    Feb 1, 2015
    Posts:
    2,499
    "I wonder why western media has only bad things to say about kaspersky in recent times. It's not "leading" antivirus firm, it's always "Russian" antivirus firm in the headlines."

    The question to ask would be, is Kaspersky controlled in any way by the Russian government?

    "No, it's just that Reuters is US propaganda tool. I don't believe a word."

    Is Reuters a US based news company? I thought it was UK based and we all know what Russia is doing in the UK right now?

    I don't want to make political comments here on Wilders because at one time they did not allow it but If questions are asked as to why, then I think Other views as to why should be allowed also?
     
  25. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    8,592
    Location:
    U.S.A.
    Whether the accusations are true or not requires further investigation. It does cast suspicion on Kapersky. As such, one more thing for the AV Labs to check out since false positives can dramatically reduce a vendor's test score received.
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.