When it comes to protecting your PC, consumers turn to companies like Kaspersky, AVG, Microsoft and many others to provide anti-virus software to keep their computers free of viruses. But what if one of these companies was actively sabotaging the others in an attempt to damage their reputation?
According to two former employees, Kaspersky was doing just that after the company became frustrated that other vendors were copying its techniques for identifying files that were malicious.
Kaspersky, according to Reuters, created files that looked nearly identical to legitimate files on a PC and then would seed them to other security vendors. Because the security industry cross-shares content to help speed up the process at which anti-virus software is updated when malicious files are uncovered, Kaspersky used this platform to seed out fake files.
Because they were so similar to actual files on a PC, these files would cause other vendors, such as Microsoft and AVG, to flag the files as malicious and quarantine them. The result would be that the consumer's PC would be impacted; one incident was cited in which a printer file was hit by the false flag attack. This false flag was not explicitly said to have come from Kaspersky but Microsoft noted that this incident led them to uncover hundreds of files that had the sale false flag issue.
Kaspersky denies this claim - not that you would expect them to come out and say that they purposefully targeted other vendors with false reports - but the end result was that the open channels used to share malware information among vendors, which were based on trust, are now broken.
The two former Kaspersky employees said that these attacks went on for more than 10 years with a peak between 2009 and 2013.
The full report about these attacks can be found here and is worth a read.