Skip To Content
Fast Forward

Russian Firm Admits Using Stolen NSA Hacking Tool, Confirming Israeli Claim

(JTA) — The Russian company Kaspersky Lab confirmed that it had taken source code for a secret American hacking tool via its antivirus software.

The company’s internal investigation came after Israeli intelligence discovered that Russian hackers were using the antivirus software to steal classified information from the United States.

Kaspersky’s anti-virus program is used by 400 million people worldwide, including officials at about two dozen American government agencies.

Source code for a secret American hacking tool was stolen from a National Security Agency employee who had improperly stored them on his home computer, which used Kaspersky antivirus software.

The company said it discovered the code in 2014 in a ZIP file that its software flagged as malicious. Kaspersky said it destroyed its only copy and that no third parties saw the code, though other reports dispute the claim.

According to Kaspersky, it found no evidence that the company had been hacked by the Russians or anyone else except Israel, though it suggested others could have hacked into the American official’s computer through a back door it identified.

The hack was discovered by the company a year later and publicly reported, though it did not name Israel as the culprit. Kaspersky’s report did state, however, that the program was similar to the Duqu virus, which allows the hacker to eavesdrop on conversations and steal electronic files.

Duqu was attributed to the inventors of Stuxnet, the computer worm that set back Iran’s nuclear program by several months or years by affecting some of its computer systems and centrifuges used to enrich uranium after it was released in 2010. Stuxnet was reported to be a joint project of Israel and the United States.


Republish This Story

Please read before republishing

We’re happy to make this story available to republish for free, unless it originated with JTA, Haaretz or another publication (as indicated on the article) and as long as you follow our guidelines. You must credit the Forward, retain our pixel and preserve our canonical link in Google search.  See our full guidelines for more information, and this guide for detail about canonical URLs.

To republish, copy the HTML by clicking on the yellow button to the right; it includes our tracking pixel, all paragraph styles and hyperlinks, the author byline and credit to the Forward. It does not include images; to avoid copyright violations, you must add them manually, following our guidelines. Please email us at [email protected], subject line “republish,” with any questions or to let us know what stories you’re picking up.

We don't support Internet Explorer

Please use Chrome, Safari, Firefox, or Edge to view this site.