The Moscow-based company Kaspersky Lab has acknowledged that its antivirus software took source code for a secret US hacking tool from a personal computer in the United States.
The admission came in an Oct. 25 statement on the preliminary results of an internal inquiry that the company launched after media reported that the Russian government used its antivirus software to collect US National Security Agency technology.
Concerns about Kaspersky’s activities prompted the US Department of Homeland Security last month to bar government agencies from using the company’s products.
Kaspersky said that in 2014, the consumer version of its popular product analyzed questionable software from a computer in the United States — which media reports said belonged to an NSA worker — and found a zip file that was flagged as malicious.
While reviewing the file’s contents, an analyst discovered it contained the source code for a hacking tool.
Also Read: This is why Russia can keep hacking the US
The statement said that the matter was reported to Kaspersky CEO Yevgeny Kaspersky, who ordered that the company’s copy of the code be destroyed, and that after that “the archive was deleted from all our systems.”
Yevgeny Kaspersky. Wikimedia Commons photo by Kai Mörk.
The statement came after The Wall Street Journal reported on Oct. 5 that the Russian government was able to modify Kaspersky software to turn it into an espionage tool.
And on Oct. 10, The New York Times reported that Israeli intelligence officials have determined that Russian government hackers have used Kaspersky’s software for espionage.
The Kremlin described the reports indicating that Kaspersky has been used as a conduit for Russian espionage as “absurd.”