Russian Firm Admits Using Stolen NSA Hacking Tool, Confirming Israeli Claim
(JTA) — The Russian company Kaspersky Lab confirmed that it had taken source code for a secret American hacking tool via its antivirus software.
The company’s internal investigation came after Israeli intelligence discovered that Russian hackers were using the antivirus software to steal classified information from the United States.
Kaspersky’s anti-virus program is used by 400 million people worldwide, including officials at about two dozen American government agencies.
Source code for a secret American hacking tool was stolen from a National Security Agency employee who had improperly stored them on his home computer, which used Kaspersky antivirus software.
The company said it discovered the code in 2014 in a ZIP file that its software flagged as malicious. Kaspersky said it destroyed its only copy and that no third parties saw the code, though other reports dispute the claim.
According to Kaspersky, it found no evidence that the company had been hacked by the Russians or anyone else except Israel, though it suggested others could have hacked into the American official’s computer through a back door it identified.
The hack was discovered by the company a year later and publicly reported, though it did not name Israel as the culprit. Kaspersky’s report did state, however, that the program was similar to the Duqu virus, which allows the hacker to eavesdrop on conversations and steal electronic files.
Duqu was attributed to the inventors of Stuxnet, the computer worm that set back Iran’s nuclear program by several months or years by affecting some of its computer systems and centrifuges used to enrich uranium after it was released in 2010. Stuxnet was reported to be a joint project of Israel and the United States.
A message from our CEO & publisher Rachel Fishman Feddersen
I hope you appreciated this article. Before you go, I’d like to ask you to please support the Forward’s award-winning, nonprofit journalism during this critical time.
At a time when other newsrooms are closing or cutting back, the Forward has removed its paywall and invested additional resources to report on the ground from Israel and around the U.S. on the impact of the war, rising antisemitism and polarized discourse..
Readers like you make it all possible. Support our work by becoming a Forward Member and connect with our journalism and your community.
— Rachel Fishman Feddersen, Publisher and CEO