Kaspersky Caught Red-Handed - Allegedly Copied Files from Personal Computers

Eugene Kaspersky

Kaspersky issued a statement that could raise suspicions of cooperation between the Russian security company and the Russian government.

The statement mentions that Kaspersky’s antivirus software copied data from personal computers and sent it to the company without the user’s knowledge or consent.

Various files were copied from a computer that was used by a contracted company that provides services to the US administration. According to Kaspersky, the files were transferred to the company's headquarters because they were suspected of showing symptoms of malware-related data. At the same time, Kaspersky admits that the files themselves did not endanger the user’s computer at any stage.

Surprisingly, the copied files contained cyber-attack tools belonging to the NSA and even a 0-day malware that couldn't be detected by any Antivirus at the time.

These files later leaked from Kaspersky's network and were used by a group of hackers operating under the name Shadow Brokers.

Eugene Kaspersky, the company's CEO, wasn’t too eager to discuss the way the software worked, and why it decided to copy the above files, claiming that he did not want to make it easier for hackers to avoid the protection layers of their software.

According to Kaspersky, when the origin of the code was discovered on October 25th, 2017, the code was marked for deletion and was deleted from the company's computers.

But how did this happen?

Intelligence units in Israel managed to penetrate Kaspersky's internal network - which is a serious security failure by itself - and when the Israelis identified the files they quickly reported the discovery to the United States.

This is becoming the new “Cold War”: spies watching spies watching spies.

According to various reports by the agency that penetrated Kaspersky’s computers, they observed real-time searches for files with names related to government-developed spying tools, and therefore Kaspersky’s claim that it was an honest mistake isn’t accepted by the intelligence community.

In fact, Kaspersky has transformed its software and its enormous user database into a “search engine” for spies.

This seems to kick the legs from under Kaspersky's claims of good faith.

As an immediate reaction to the incident and due to the sensitivity of the American administration in the wake of claims of Russian influence on the latest US election campaign, the Department of Homeland Security (DHS) instructed all government agencies not to use Kaspersky's products anymore.

In addition, this sweeping prohibition was adopted by more countries, such as Israel and other Western countries.

Kaspersky is under severe financial pressure and its brand image is at risk. The company is trying to soften the blow by taking a unique line that will enable an independent review of its software’s source code on a regular basis.

In my opinion, this suggestion is reasonable on the one hand, but on the other hand, nobody can assure me that source code that’s checked by an independent body on Monday will not be replaced by other code by Wednesday.


And now to the big question, can we still recommend Kaspersky products on FatSecurity?

This is a difficult question and we think it's up to the user to decide.

If you’re involved in state-level security or have any connection to an organization or institution that the Russian government may be interested in, then the answer is definitely no.

But if you’re a normal average home user, Kaspersky is still one of the top products in the Antivirus market and hopefully, after this case they will think twice before risking their public image again.

Fat Security

