Skip to main content
  1. Home
  2. Computing
  3. News

Kaspersky Lab accused of faking malware to generate false positives in competing software

Add as a preferred source on Google

Two former employees of Russian anti-virus firm Kaspersky Lab have accused the company of generating fake malware files so that its competitors’ software would classify them as malicious.

The allegations were made in a report today from Reuters. The two anonymous ex-employees said Kaspersky Lab would reverse engineer other companies’ software to see how they identify dangerous files.

Recommended Videos

Employees would then supposedly create harmless files with the same signatures as legitimate files that would then appear to be risky, all in the hopes that a competitor would label them as dangerous. The aim was to undermine how rival software worked.

“It is not only damaging for a competing company but also damaging for users’ computers,” said one of the ex-employees.

The unnamed accusers said these orders have been going on for 10 years and sometimes came directly from founder Eugene Kaspersky, who had taken umbrage with many other security software companies for supposedly ripping off its ideas. Some of the competitors named in Reuters’ report include Microsoft, AVG Technologies, and Avast.

It’s hard to assess the damage that these kinds of attacks or false positives can do, added the Reuters report.

Kaspersky Lab has fervently denied the allegations. “Contrary to allegations made in a Reuters news story, Kaspersky Lab has never conducted any secret campaign to trick competitors into generating false positives to damage their market standing,” said the company’s official statement. “Such actions are unethical, dishonest and illegal. Accusations by anonymous, disgruntled ex-employees that Kaspersky Lab, or its CEO, was involved in these incidents are meritless and simply false.”

In 2010, the Russian company shared some harmless files on Google’s VirusTotal aggregation. It did so to prove competitors were following Kaspersky’s lead when it came to marking files as malicious, rather than conducting their own research. Kaspersky called it a “one-time experiment” and added that in 2012 it was targeted by similar attacks that its accused of now.

The security industry has in the past complained about false positives being introduced to the web, but Kaspersky Lab has never been implicated before.

Liam O’Murchu, a security researcher at Symantec, said no one suspected Kaspersky. “We had investigated these attacks but could not find out who was behind them. We had some suspects, Kaspersky was not one of them,” he tweeted.

Microsoft, AVG, and Avast have not commented on these latest allegations.

Jonathan Keane
Jonathan is a freelance technology journalist living in Dublin, Ireland. He's previously written for publications and sites…
macOS clipboard app Maccy has a fake out there stealing passwords
PamStealer malware is disguising itself as Maccy to target Mac users
Depicting of the Maccy clipboard app for macOS on a laptop with letters inb the background.

A fake version of Maccy, a popular clipboard manager for macOS, is being used to deliver a newly discovered Mac malware strain called PamStealer. Researchers at Jamf say the malware impersonates the real open-source app, but its actual purpose is to steal data and capture a victim’s login password.

PamStealer arrives as a disk image containing an AppleScript file that impersonates Maccy. Once the user opens that file, macOS launches it in Script Editor, where the on-screen instructions tell them to press Command-R. To someone expecting a normal app installer, that may look like an odd setup step. In reality, that action runs hidden malware code and starts the attack.

Read more
A new technology teaching drones to feel pain could stop your self-driving car from harming itself
Drones first, autonomous cars next. A pain-sensing system that detects failure before it happens has real stakes for self-driving vehicles.
Transportation, Vehicle, Car

When you sprain your ankle in the middle of a run, your body sends a pain signal to your brain, forcing you to stop. Essentially, the ability to sense pain stops you from pushing through the injury and causing further self-harm.

Researchers at Delft University of Technology and Wageningen University have applied this exact concept to drones, giving them a digital equivalent of a nervous system that recognizes a faulty part and triggers a pain-like warning signal. What's even more interesting is that the technology could find use in self-driving cars.

Read more
Claude Fable 5 is leaving subscriptions, but maybe not for good
High demand is pushing Claude Fable 5 out of subscriptions for now
Claude Fable 5 and Claude Mythos 5 Official Render

Anthropic’s most advanced publicly available Claude model is still leaving standard subscription access after July 7, but the company is now trying to calm fears that the move is permanent.

Fable 5 recently returned to Claude after drawing scrutiny from the U.S. government. Anthropic said it would be included on Pro, Max, Team, and select Enterprise plans for up to 50% of weekly usage limits through July 7. After that date, the model is set to move to usage-credit billing, meaning users will pay for access outside their regular plan limits.

Read more