Russia-based antivirus software company Kaspersky Lab said that a security mistake by US National Security Agency's contractor led to leaking confidential hacking tools to the cybersecurity firm.
The Lab claimed that after realizing that the downloaded secret hacking tools were classified, they deleted every file. In September, US officials ordered the probe saying the firm was influenced by Kremlin, and compromised data could harm national security.
"The archive was deleted from all our systems. The archive was not shared with any third parties," Kaspersky Lab said on Tuesday.
According to Kaspersky Lab's investigation, on 11 September 2014, the NSA's contractor was working on his personal computer at home when he detected a piece of malware.
"US law tolerates inadvertent acquisition of classified data but doesn't allow to distribute it. We deleted it to follow the law," the company's CEO Eugene Kaspersky tweeted on Wednesday. The Russian security firm added: "Kaspersky Lab has never created any detection of non-weaponized (non-malicious) documents in its products based on keywords like 'top secret' and 'classified'."
The company was not able to pinpoint the exact date as the contractor apparently disabled the Kaspersky antivirus software. On 4 October 2014, the contractor again turned the antivirus software back on.
“The user appears to have downloaded and installed pirated software on his machines, as indicated by an illegal Microsoft Office activation key generator,” Kaspersky says. “The malware dropped from the trojanised keygen was a full-blown backdoor, which may have allowed third parties access to the user’s machine.”
While reviewing the file’s contents, the company removed all the files and reported the matter to Chief Executive Eugene Kaspersky.
“We deleted the archive because we don’t need the source code to improve our protection technologies and because of concerns regarding the handling of classified materials,” said Kaspersky spokeswoman Sarah Kitsos.
The Lab claimed that after realizing that the downloaded secret hacking tools were classified, they deleted every file. In September, US officials ordered the probe saying the firm was influenced by Kremlin, and compromised data could harm national security.
"The archive was deleted from all our systems. The archive was not shared with any third parties," Kaspersky Lab said on Tuesday.
According to Kaspersky Lab's investigation, on 11 September 2014, the NSA's contractor was working on his personal computer at home when he detected a piece of malware.
"US law tolerates inadvertent acquisition of classified data but doesn't allow to distribute it. We deleted it to follow the law," the company's CEO Eugene Kaspersky tweeted on Wednesday. The Russian security firm added: "Kaspersky Lab has never created any detection of non-weaponized (non-malicious) documents in its products based on keywords like 'top secret' and 'classified'."
The company was not able to pinpoint the exact date as the contractor apparently disabled the Kaspersky antivirus software. On 4 October 2014, the contractor again turned the antivirus software back on.
“The user appears to have downloaded and installed pirated software on his machines, as indicated by an illegal Microsoft Office activation key generator,” Kaspersky says. “The malware dropped from the trojanised keygen was a full-blown backdoor, which may have allowed third parties access to the user’s machine.”
While reviewing the file’s contents, the company removed all the files and reported the matter to Chief Executive Eugene Kaspersky.
“We deleted the archive because we don’t need the source code to improve our protection technologies and because of concerns regarding the handling of classified materials,” said Kaspersky spokeswoman Sarah Kitsos.