Russian antivirus firm faked malware to harm rivals

[1PW]

http://www.reuters.com/article/2015/08/14/us-kaspersky-rivals-idUSKCN0QJ1CR20150814

Pity.

[daledoc1]

The article is almost "TLDR".

 

But both the title and the content are notable for one particular item: "Two ex-employees".

We all know about the implications thereof.

 

So, along with the peculiar timing of this revelation, I think it's quite reasonable to take everything in the claim with a large helping of sodium chloride.

 

Having said that, who better to "spy" than the Russians, if not the Chinese?  

 

Sincerely, a loyal KL user for many years,

 

 

[Aura]

As I said already on BleepingComputer, these are allegations at best, and the thread title is very misleading. Also dale got it right, "ex-employees" says a lot

[daledoc1]

KL response:

 

https://usa.kaspersky.com/about-us/press-center/press-releases/kaspersky-lab-statement-reuters-article-posted-august-14-2015

[David H. Lipman]

 

We conducted the experiment to draw the security community’s attention to the problem of insufficiency of multi-scanner based detection when files are blocked only because other vendors detected them as being malicious, without actual examination of the file activity (behavior). https://securelist.com/blog/opinions/30611/on-the-way-to-better-testing/.

 

Yes.  This is a known problem in the Industry.  Product X flags a binary.  Product Y gets samples and sees Product X's detection and mimics the detection without actually analyzing the sample.