Russia's Kaspersky threatened to 'rub out' rival AVG?

dud

Diamond Member
Feb 18, 2001
7,635
73
91
According to Reuters they did:

"In 2009, Eugene Kaspersky, co-founder of one of the world's top security companies, told some of his lieutenants that they should attack rival antivirus software maker AVG Technologies N.V. (AVG.N) by "rubbing them out in the outhouse," one of several previously undisclosed emails shows.

He was quoting from Vladimir Putin's famous threat a decade earlier to pursue Chechen rebels wherever they were: "If we catch them in the toilet, then we will rub them out in the outhouse."

Former employees say that the reprisal Kaspersky was pushing for was to trick AVG's antivirus software into producing false positives - that is, misclassifying clean computer files as infected."



If interested, the rest of the article can be found here:

http://www.reuters.com/article/2015/08/28/us-kaspersky-rivals-idUSKCN0QX2GO20150828
 

Spacehead

Lifer
Jun 2, 2002
13,067
9,858
136
Heard about this on the latest Security Now podcast (Episode #521).
From the podcast:
So what is publicly known is that, in an effort to prove that other companies were ripping off its work, Kaspersky has said that it ran an experiment. It created 10 harmless files and told VirusTotal that it regarded them as malicious. So this is very different than taking important files, like core Windows OS files, and basically creating malicious versions that other companies will then pick up on. And, like, for example, Kaspersky would create malicious versions of real files, would not put those patterns into their own product, but would let it be publicly known that there were malicious versions of these files around so that these other companies would start deleting them from their customers' machines.

So this is different than that. This was a probe to verify that this was going on. So they created 10 harmless files, but told VirusTotal that they, Kaspersky, regarded them as malicious. And of course, as we know, VirusTotal aggregates information on suspicious files and shares them, shares that with security companies. Within a week and a half, all 10 files were declared dangerous by as many as 14 security companies that had blindly followed Kaspersky's lead.


AVG wasn't the only one targeted. And supposedly they've been doing this for a long time.
Basically Kaspersky thinks others are ripping off his work.

http://www.reuters.com/article/2015/08/14/us-kaspersky-rivals-idUSKCN0QJ1CR20150814
 

PliotronX

Diamond Member
Oct 17, 1999
8,883
107
106
I don't get it, it's not like other AV engines are duplicating source code. If one of the most prominent security companies identifies something as malicious, others would do well to listen. Imitation is the sincerest form of flattery and it improves general security of the populace. It's going to get ugly when identification of malicious code is patented. This can only end badly.
 

MongGrel

Lifer
Dec 3, 2013
38,466
3,067
121
I'm not that surprised to be honest.

I used to use Kaspersky over a decade ago.

One Aerospace place I used to work at used to warn about using it long ago.

It was actually a security issue there.

But I really don't trust Norton either.
 

ringtail

Golden Member
Mar 10, 2012
1,030
34
91
As I understand it, back during the years you cite the sub-attractive Natalya Kaspersky dumped her husband Eugene Kaspersky in an acrimonious divorce, with money and rights to Kaspersky source code in savage contention, then Natalya went off to be CEO of InfoWatch.

Management of Kaspersky NOW is different than back in the Jurassic years you cite.

Also, as you already know, all the antivirus (AV) brands like Kaspersky and others located in "problematic" places (from USA viewpoint) like Russia, India, etc. are not welcome by Security people in USA who oversee computer systems.

(Although I lean toward thinking that today, in Sept 2015, ALL the "static antivirus signature" detection brands are an anachronism, utterly useless, because malware designers have learned how to evade that old school "static antivirus signature" stuff.

Hell, I ain't no great shakes as a programmer and EVEN I, practically a layman, can write code that successfully evades pretty advanced static sig detectors. And so can high school kiddies in their millions (considering the entire world), not to mention ANY intelligence service worldwide. They can surreptitiously flash your BIOS undetected, plant their stuff into your computer, then read EVERYTHING. And maybe also deeper on your HDD than a reformat cleans.)

NOW, we all N E E D a SURPASSINGLY EXCELLENT (not a me-too brand) sandbox to catch & kill the SMART stuff.

The answer is populated by 2 members: FireEye and Lastline (which is the MUCH MORE ADVANCED and DEADLIEST of the 2).

After LastLine and FireEye, then the pandering crowd of "also-rans" and lesser lights are churning email and the web about "plans" to "develop" or news that they're "just a few weeks from releasing."

All the traditional Antivirus brands are trying to catch the sea change and shift their sales push to Sandbox tech hoping to catch some of the new profits.

Users mainly STILL are bovinely chewing their cud, with their 2005 headset on, stupidly OBLIVIOUS.

Slowly, a few of the smarter ones are WAKING UP to realize their O L D E N "static anti virus signatures" detection software is obsolete, ridiculously ineffective against 2015's adaptive malware.


Reality: EVEN IF you're an investor in development of one of the literally hundreds of other "me too" brands, buy LastLine or FireEye.

Lesson learned: ANY network-connected computer IS NOT SECURE, don't care what your precautions are. Air-gapped else compromised!
 

John Connor

Lifer
Nov 30, 2012
22,757
618
121
I use Sandboxie, NoScript and uBlock with the malware sigs. If I download a file I scan it over at VirusTotal. Above all else I use common sense. Have the network secured with iptables and other crap and soon will deploy Sophos Firewall. On some computers I have Comodo Firewall installed and the defense setting is like a whitelist whereby anything not on that list is asked to execute. I scan the computers regularly with various tools from Bleeping Computer along with RookMilano and Detekt.

This is not to say standard anti-virus doesn't work. My uncle, a computer noob, surfs and does crap on the puter that would blow your mind in terms of lack of basic common sense security. He lives out of state and when he had a problem I TeamViewered into his comp and found that Bitdefender free quarantined some odd 19 viruses. I still however had to run AdwCleaner on that thing.

Quite frankly I'm a little disappointed I haven't caught anything. LOL
 

Murloc

Diamond Member
Jun 24, 2008
5,382
65
91
I don't get it, it's not like other AV engines are duplicating source code. If one of the most prominent security companies identifies something as malicious, others would do well to listen. Imitation is the sincerest form of flattery and it improves general security of the populace. It's going to get ugly when identification of malicious code is patented. This can only end badly.
Well, you're right, the Chinese copycats are shameless but they're just copying the results of the software developed by them.

But I really don't trust Norton either.
It's not even a matter of trust, Norton feels like the Ask! malware when I tried to uninstall it back in the XP era.

I use Sandboxie, NoScript and uBlock with the malware sigs. If I download a file I scan it over at VirusTotal. Above all else I use common sense. Have the network secured with iptables and other crap and soon will deploy Sophos Firewall. On some computers I have Comodo Firewall installed and the defense setting is like a whitelist whereby anything not on that list is asked to execute. I scan the computers regularly with various tools from Bleeping Computer along with RookMilano and Detekt.

This is not to say standard anti-virus doesn't work. My uncle, a computer noob, surfs and does crap on the puter that would blow your mind in terms of lack of basic common sense security. He lives out of state and when he had a problem I TeamViewered into his comp and found that Bitdefender free quarantined some odd 19 viruses. I still however had to run AdwCleaner on that thing.

Quite frankly I'm a little disappointed I haven't caught anything. LOL
I don't know what kind of job you do, but for the average computer savvy joe, that would be overdoing it.
I do the bare minimum (I just have Avast on this computer) but with common sense I've always avoided issues.
People like your uncle are the model customer AV companies have to think about....