Kaspersky: NSA Computer Was Infested With Malware

Kaspersky Lab is again challenging allegations that it stole classified files from an NSA employee'due south calculator, pointing to new analysis that says the calculator in question may have been infested with malware.

The computer had 121 pieces of malware on the system, including backdoors, exploits, and Trojans, according to Kaspersky. "It is possible that the user could have leaked information to many hands," the security firm said.

SecurityWatch The data comes equally Kaspersky Lab battles accusations that its security software helped the Russian government to commit cyber espionage. Russian government hackers reportedly detected the classified files on the NSA employee's computer by using Kaspersky antivirus software, which was installed on the system.

Moscow-based Kaspersky has been poring over internal logs, which information technology says detected alerts for 121 malicious files on the reckoner, which may have come up from pirated software. Among them was a file called Backdoor.Win32.Mokes.hvl, which was sold on Russian underground forums and infected the NSA employee's computer in Oct 2022.

During the time of the infection, the Mokes malware had been communicating to a command command server from a "Chinese entity" going by the proper noun Zhou Lou, using the email accost zhoulu823@gmail.com, co-ordinate to Kaspersky Lab.

The computer became infected after the NSA employee disabled antivirus software to install a pirated version Microsoft Role 2022, the security firm claims. "The malware consisted of a full-blown backdoor which could accept allowed other third-parties to access the user's motorcar," the company said.

Boosted software piracy tools were detected on the reckoner every bit well, which may explain why information technology had so many malicious files on the arrangement. Merely information technology's unclear if the 120 other pieces of malware e'er executed on the estimator, Kaspersky Lab said.

It's likewise unclear if the new findings volition lift the controversy effectually the security firm. The US Section of Homeland Security has ordered federal agencies to remove Kaspersky Lab software from their systems. Retailers such as Best Purchase have too dropped it from store shelves.

Last month, Kaspersky Lab admitted it had inadvertently downloaded classified files from the NSA employee's computer, but only because the company's antivirus software had flagged them as malware. Those files reportedly independent NSA hacking tools, including the estimator code. In one case Kaspersky Lab realized the files had actually come from the US authorities, it promptly deleted them from its own database.

Kaspersky said its software is no different from competing antivirus products, which also scan system files for potential malware. But the downloading of classified files from an NSA computer, even if inadvertent, probably doesn't sit well with the US government.

I can see why government agencies would not use Kaspersky products when they realized information technology sends whole archives to cloud, no sane data-loss prevention policy could allow it.
— Hacker Fantastic (@hackerfantastic) Nov 16, 2022