tao Posted October 6, 2017 Share Posted October 6, 2017 How long can Kaspersky survive the assault on its business in America? It's already been thrown out of Best Buy stores, is close to being expelled from U.S. government networks and even private industry are being told to stop using the Russian company's anti-virus tools. Then yesterday another bombshell, the biggest so far regarding the company's alleged links to Russian government hackers: an NSA employee was compromised by Russians who allegedly used Kaspersky to determine there were files of interest related to the intelligence agency's cyber operations on the victim's computer. Nail after nail has been put in Kaspersky's American coffin, but is it going six feet under on these shores? Not yet. There's enough wiggle room left open by the reporting, largely and understandably based on anonymous sources, for the Russian security giant, led by billionaire CEO Eugene Kaspersky, to keep alive. Just. To recall the accusations in the WSJ's report: in 2015 a substantial but unspecified number of files were stolen from an NSA contractor's PC. The hackers were alerted "to the presence of files that may have been taken from the NSA," the report noted, citing according to anonymous sources. A subsequent Washington Post article confirmed this leak, the third major breach of sensitive NSA data in the last decade after the Edward Snowden and Harold T. Martin III incidents, the hacked party was a Vietnamese national who worked in the NSA's elite hacking division, Tailored Access Operations. Previous reports suggested he was a contractor. The government investigation is ongoing. A billionaire's fury There's little detail on what role Kaspersky or its software played in the breach. In the worst case scenario for Kaspersky, it would've actively colluded with the Russian government, purposefully passing on data collected by its antivirus systems to pinpoint which computers contained NSA cyber tools, most likely those it researched, such as those produced by the Equation Group. Kaspersky Lab was the first to detail the tools of that latter crew, widely believed to belong to the NSA and which a shady crew called the Shadow Brokers claimed to have stolen. The group subsequently leaked cyber tools, most notoriously those targeting Microsoft Windows that ended up being adapted to spread the WannaCry ransomware. Or it may be that whoever hacked Kaspersky in 2015 managed to pilfer that information and pass it on to the Kremlin's digital sleuths. The hackers might also have exploited Kaspersky as a way into the contractor's PC; researchers have found multiple vulnerabilities in the anti-virus in recent years, including recent finds by Google and one hole that tricked Kaspersky into funnelling stolen data out of a hacked computer via its own cloud. Finally, it's possible Russian spies intercepted the data after it was flagged on the user's PC by Kaspersky and sent to the company's Russian servers for analysis, a typical process in anti-virus systems. But there's no evidence indicating any of those three scenarios happened, and Eugene Kaspersky, who's repeatedly been the subject of reports linking him to Russian intelligence agencies, didn't give much credence to them. Quite the opposite. Not long after Thursday's story broke, the chief issued another vociferous response, having previously defended his company and his reputation on Forbes. He labelled the report "sensationalist," and at the heart of his defense was his note that Kaspersky has to have deep access to a computer's files in order to determine what was malicious. It appeared to the CEO that a Kaspersky tool did its job in finding possible NSA malware (he also cited the Equation Group research, but didn't link it to the agency) and that some added "fictional" information made it seem like the company was somehow complicit in helping Russian government hackers. "While protecting our customers, we do – as any other cybersecurity vendors – check the health of a computer. It works like an X-ray: the security solution can see almost everything in order to identify problems, but it cannot attribute what it sees to a particular user," he wrote. "If our technologies detect anything suspicious and this object is identified as malware, in a matter of minutes ALL our clients no matter who and where they are, will receive protection from this threat. Citing a tweet from former GCHQ cyber specialist Matt Tait that Kaspersky could've simply detected NSA spy tools on the infected computer, the CEO added: "The new allegations look to me like that: someone just took this process of how we deal with a threat, added some fictional details, and here we go – the new C level movie script is ready." Kaspersky also issued an official response, questioning the anonymous sources in the WSJ report and reiterating it had no inappropriate ties to government. "The only conclusion seems to be that Kaspersky Lab is caught in the middle of a geopolitical fight," the company said. Western defenders? But Kaspersky isn't definitively done in America. It has its supporters in the west, despite the government's apparent antipathy. Former NSA staffer and long-time cyber specialist for the U.S. government, Jake Williams, said the allegations were "certainly damning if true." But he feared confirmation bias on behalf on the analysts who looked into the hack of the contractor's PC. "I would be skeptical of any forensic analyst who says they can tie the theft of files on the machine to Kaspersky software. Now if the intelligence community has additional collection that proves those files were collected by Kaspersky, then that's something else entirely," Williams told Forbes. "As it stands, this sounds like it could be a case of confirmation bias. The contractor took classified documents home, those documents were found to have been compromised, and when it was discovered they were running Kaspersky on their machine an analyst said 'aha, it was Kaspersky that enabled hackers to compromise the machine.'" Thomas Rid, a professor at Kings College London who's worked alongside Kaspersky researchers, concurred there weren't enough facts to kill Kaspersky. "Not if you're assessing the evidence on its merits," he added. "But that is so old-fashioned." < Here > Link to comment Share on other sites More sharing options...
knowledge-Spammer Posted October 6, 2017 Share Posted October 6, 2017 i think it is Lights Out For Kaspersky in usa now lets see what good it do Link to comment Share on other sites More sharing options...
steven36 Posted October 6, 2017 Share Posted October 6, 2017 Quote linuxlady01 3 points 21 hours ago A computer that holds nsa top secret tools that runs antivirus ???!!! Did they run windows and surf the net while doing work classified work too ? Facepalm so sad ! Quote highlow33 6 points 21 hours ago Honestly it wouldn't surprise me from my experiences with "top" FBI security "experts". I think those positions rely more on being able to lie convincingly and telling the higher ups what they want to hear while also good at throwing people under a bus. Quote linuxlady01 2 points 21 hours ago Omg! I wish you were kidding, that's actually scary. Glad I don't work for them, that sounds like a horrible work environment. Quote Cmdr-data 5 points 21 hours ago It was his home computer. Quote linuxlady01 3 points 21 hours ago What the actual f*ck ! That's our governments bad imo. How do we know that he didn't just sell the knowledge and blame a politically popular target? Quote Hellman109 1 point 16 hours ago Exactly, he could have sold those secrets and used a scapegoat. Link to comment Share on other sites More sharing options...
pc71520 Posted October 7, 2017 Share Posted October 7, 2017 Relevant Thread Link to comment Share on other sites More sharing options...
Jogs Posted October 7, 2017 Share Posted October 7, 2017 Many times OSes are compromised to hack someones computer, does that mean everyone stops using the OS? Then, Windows and Android should then be thrown out of every PC and mobile. Link to comment Share on other sites More sharing options...
straycat19 Posted October 7, 2017 Share Posted October 7, 2017 19 hours ago, adi said: I would be skeptical of any forensic analyst who says they can tie the theft of files on the machine to Kaspersky software. I would be skeptical also, if I didn't know anything about forensics, and wasn't aware of what all those unseen little 0s and 1s can tell a forensic investigator. I didn't get to see that computer but I know from experience that scanners/systems produce log files, and those files can contain file names, and the log files can also tell an investigator when they were accessed. Then there are other log files that can tell an investigator where the access came from by correlating the date/time of the access and the connections at that time. What you can't see those log files? Probably not, which is why a forensic image is take of the drive and then special software is used to pick up pieces of files that are left in currently unused areas of the drive. I have been able to recover data off a drive that was deleted 6 years prior to the incident that resulted in the drive being collected. Sometimes it requires looking at a bunch of gibberish before you see one or two sentences or phrases and as you continue reading more data comes to light. When all the data is put together a definitive picture can be made of who, what, where, and when. It's not that the investigator has psychic powers, just that the software used has become so advanced that there is very little that can be hidden on a computer in this day and age. Link to comment Share on other sites More sharing options...
Whoopenstein Posted October 7, 2017 Share Posted October 7, 2017 I'm thinking the governments listen in on the same addresses that software uses to update their definitions. It probably has nothing to do with Kaspersky. Although it's kind of funny that the names of files scanned should be uploaded with statistics. Then again, if a file sets off the AV, the name is probably uploaded. Maybe the guy had some special tools in his files. Link to comment Share on other sites More sharing options...
banned Posted October 8, 2017 Share Posted October 8, 2017 In today's day and age it's common practice for AV vendors to constantly collect data and phone home. But what difference does it make when your OS already does the same thing... Don't trust Kaspersky? Who DO you trust? Link to comment Share on other sites More sharing options...
steven36 Posted October 9, 2017 Share Posted October 9, 2017 12 hours ago, banned said: In today's day and age it's common practice for AV vendors to constantly collect data and phone home. But what difference does it make when your OS already does the same thing... Don't trust Kaspersky? Who DO you trust? I guess that sort up too you and who do you trust and were you are from. Many people from the USA rather have there own government snooping on them than a outside government doing it . I rather not have nether spying on me .Not everyone trust Microsoft with there Info so they use Linux . Many privacy lovers don't use windows at all . But there is just as much chance of you getting hacked visiting some website as using Kaspersky as a home user. But fact is regardless if any of it true are not, the damage is all ready done and i don't never think Kaspersky will ever be able too recover from this in the USA from what i hear from others in the USA . They don't want too use it because its not in there best interest too be spied on or hacked by outside entities . Them saying they still have people in the USA that support them ,blah, blah, blah is just words and don't heal the damage already done witch made lots of people think about should they use there products or not as far as the people in the USA go. Link to comment Share on other sites More sharing options...
knowledge-Spammer Posted October 9, 2017 Share Posted October 9, 2017 people say Kaspersky will never be able too recover i think it will recover not in the usa but will recover for me i like to just have kis for russia and let people from usa use things like windows defender and no good things like that or norton if people want to feel safe then sure use a usa program if u think it make u more safer sure do as u think is best Link to comment Share on other sites More sharing options...
steven36 Posted October 9, 2017 Share Posted October 9, 2017 20 minutes ago, knowledge said: people say Kaspersky will never be able too recover i think it will recover not in the usa but will recover for me i like to just have kis for russia and let people from usa use things like windows defender and no good things like that or norton if people want to feel safe then sure use a usa program if u think it make u more safer sure do as u think is best That's the problem China don't trust the USA or Russian software and everything from the USA that is used in Russia already has to be audited and passed by you're Government to even be used there.. no one trust no one . But the media are the ones who hurt Kaspersky the most in the USA rumors spread like wildfire. Link to comment Share on other sites More sharing options...
knowledge-Spammer Posted October 9, 2017 Share Posted October 9, 2017 2 minutes ago, steven36 said: That's the problem China don't trust the USA or Russian software and everything from the USA that is used in Russia already has to be audited and passed by you're Government to even be used there.. no one trust no one . But the media are the ones who hurt Kaspersky the most in the USA rumors spread like wildfire. But the media are the ones who hurt Kaspersky the most in the USA its ok we all see what usa is doing we have are turn to hurt usa all the times usa media say russia hackers i do not think usa boss understand what can happen when play games like this with no real proof and lies but its ok we wait for are go to hit back sad games all this for what ? Link to comment Share on other sites More sharing options...
steven36 Posted October 9, 2017 Share Posted October 9, 2017 6 minutes ago, knowledge said: But the media are the ones who hurt Kaspersky the most in the USA its ok we all see what usa is doing we have are turn to hurt usa all the times usa media say russia hackers i do not think usa boss understand what can happen when play games like this with no real proof and lies but its ok we wait for are go to hit back sad games all this for what ? Norton is no threat anymore they have a very small home user base even in the USA. The big threat remains the same too all 3rd party Anti-malware. It is another one in the USA is called Windows Defender no one even has to install it , it's free and made by the same company that makes Windows and Most Windows 10 fanboys love it . 3rd party Anti-malware has done had it's rain on earth and is slowly being replaced by baked in products . Link to comment Share on other sites More sharing options...
knowledge-Spammer Posted October 9, 2017 Share Posted October 9, 2017 2 minutes ago, steven36 said: Norton is no threat anymore they have a very small home user base even in the USA. The big threat remains the same too all 3rd party Anti-malware is another one in the USA is called Windows Defender no one even has to install it , it's free and made by the same company that makes Windows and Most Windows 10 fanboys love it . 3rd party Anti-malware has done had it's rain on earth and is slowly being replaced by baked in products . but norton still have backdoors no ? all windows 10 users use Windows Defender no ? it's free and made by the same company that makes Windows and windows not spy on users no ? kis was just looking for bad code or hacking tools and make sure its users are safe when people say or said kis takes the hacking tools who make them tools not kis and yet kis is the bad guys funny how people think Link to comment Share on other sites More sharing options...
steven36 Posted October 9, 2017 Share Posted October 9, 2017 36 minutes ago, knowledge said: but norton still have backdoors no ? all windows 10 users use Windows Defender no ? it's free and made by the same company that makes Windows and windows not spy on users no ? kis was just looking for bad code or hacking tools and make sure its users are safe when people say or said kis takes the hacking tools who make them tools not kis and yet kis is the bad guys funny how people think None of this matters like what Banned said Windows is all ready spying on us , so why would it matter if you're antivirus does? If you was really worried about the USA spying on you would not be using windows no way . You're Government may audit what they use in Government but the stuff you download from vendors off the good old WWW has not been audited . We as consumers can't really audit software unless it's open source we don't have the same benefits as Government and we could be installing anything and that's why they have a TOSS for you too read before you install it and if you do it's on you then. People sold there privacy out too Google , Facebook and others years ago for a like button , free info and programs . The ones who care about privacy is maybe 1 out of 10 users and Microsoft was late too the party is all. And hardly no one reads the TOSS before they use stuff on the web or install stuff but when they hit agree they agreed to it. Link to comment Share on other sites More sharing options...
knowledge-Spammer Posted October 9, 2017 Share Posted October 9, 2017 y usa not remove kaspersky from this page ? https://support.microsoft.com/en-gb/help/18900/consumer-antivirus-software-providers-for-windows Link to comment Share on other sites More sharing options...
tao Posted October 10, 2017 Author Share Posted October 10, 2017 Because Kaspersky anti-virus is rated at the top -- the best, perhaps. And who doesn't like the best? Link to comment Share on other sites More sharing options...
sam3971 Posted October 10, 2017 Share Posted October 10, 2017 2 hours ago, knowledge said: y usa not remove kaspersky from this page ? https://support.microsoft.com/en-gb/help/18900/consumer-antivirus-software-providers-for-windows They are not going to remove it here because M$ still has Kaspersky as an authorized partner. The only difference is that Kaspersky was removed from Gov machines and the FBI is recommending the private sector to stop using it. M$ can still push whatever they want. Link to comment Share on other sites More sharing options...
UnknownOne Posted October 10, 2017 Share Posted October 10, 2017 Maybe it's time for an open source anti virus / malware.. when this happen I will use one, until then If I had to choose I would use the one's the government's don't want you too Link to comment Share on other sites More sharing options...
BioHazard Posted October 10, 2017 Share Posted October 10, 2017 I will continue to use Kaspersky and don't care about what US government says Link to comment Share on other sites More sharing options...
pc71520 Posted October 10, 2017 Share Posted October 10, 2017 52 minutes ago, BioHazard said: I don't care about what US government says. Count me in. Link to comment Share on other sites More sharing options...
nIGHT Posted October 10, 2017 Share Posted October 10, 2017 On 10/7/2017 at 9:46 PM, straycat19 said: I would be skeptical also, if I didn't know anything about forensics, and wasn't aware of what all those unseen little 0s and 1s can tell a forensic investigator. I didn't get to see that computer but I know from experience that scanners/systems produce log files, and those files can contain file names, and the log files can also tell an investigator when they were accessed. Then there are other log files that can tell an investigator where the access came from by correlating the date/time of the access and the connections at that time. What you can't see those log files? Probably not, which is why a forensic image is take of the drive and then special software is used to pick up pieces of files that are left in currently unused areas of the drive. I have been able to recover data off a drive that was deleted 6 years prior to the incident that resulted in the drive being collected. Sometimes it requires looking at a bunch of gibberish before you see one or two sentences or phrases and as you continue reading more data comes to light. When all the data is put together a definitive picture can be made of who, what, where, and when. It's not that the investigator has psychic powers, just that the software used has become so advanced that there is very little that can be hidden on a computer in this day and age. Very true. A simple firewall can log the the protocol, local and remote ip., the corresponding program using the connection, time and many more. There are softwares that also help "sniff" the actual data and files these programs are accessing and sending to the web, and logging all the details of local and remote ips and the duration of the connection, the type of connection, time of file access, etc. They come in so many forms like firewalls, proxy, anti-malware/security/hips, or just a MITM appliance. You don't need to be a forensic expert just to see and understand how these things connect to one another. What he is saying above is when an actual disassembly of the program will reveal its guilt or innocence, if it has included a hidden code for backdoor/hacking of the victims computer to where this software was installed.. But even on a user level knowledge, with the use of scanner software mentioned above, one can also tell whether these dots connect. Might! Note that if it reveals its innocence on a user level way, this doesn't mean it doesn't have a hidden code for backdoors when thoroughly dissassemble and analyze. User level way is only useful to prove its guilt and not of its innocence, so trust the forensic expert on this.. In short, straycat19 knows a lot about forensics and he is just being very nice in his reply while trying to educate us. I like this guy. straycat19 is one of the NO BS member here, he is frank and straight to the point, so listen to his recommendation. "Believe the one showing you a solid proof, through disassembly and analysis/forensics of code and logged data, than just empty words." Link to comment Share on other sites More sharing options...
knowledge-Spammer Posted October 10, 2017 Share Posted October 10, 2017 it will be Lights Out forUS media in russia soon if usa keep trying to hit rt and the internet censorship starts Link to comment Share on other sites More sharing options...
RejZoR Posted October 10, 2017 Share Posted October 10, 2017 So much drama for nothing. It's lights out for Kaspersky only for idiots who don't understand how things work. Of course Kaspersky cooperates with Russian version of NSA. Kaspersky is Russian company. Do you people think McAfee, Symantec or Microsoft don't work with FBI, CIA and NSA as an American security companies? Of course they do. Do you see Russian officials going mad over people using American security products? I don't. It's how security firms operate if they want to be efficient at catching cyber criminals. It's just funny to observe people going mad over Kaspersky doing the same thing EVERYONE else is doing. But Russia is bad and USA saves the world? No, they can all be equally dirty and equally as trusted. I know Eugene Kaspersky from professional work (not in person) and I know he's a top notch security expert employing one of the most brilliant security minds. Pretending otherwise is just retarded and shows massive ignorance. The only others running around panicking are the retarded mainstream media which is so dumb I'm surprised anyone actually still watches those idiots... If you like Kaspersky, keep using it. They know their stuff and they have quality programs. If you don't trust Kaspersky, then neither should you Symantec or McAfee... Link to comment Share on other sites More sharing options...
pc71520 Posted October 11, 2017 Share Posted October 11, 2017 19 hours ago, RejZoR said: Do you people think McAfee, Symantec or Microsoft don't work with FBI, CIA and NSA as an American security companies? Of course they do. Well, Uncle Sam forgot about it... 19 hours ago, RejZoR said: If you don't trust Kaspersky, then neither should you trust Symantec or McAfee... 19 hours ago, RejZoR said: But Russia is bad and USA saves the world? According to Hollywood... Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.