More details surface about Kaspersky Labs' shadow project

Aug 29, 2015 09:25 GMT  ·  By
Internal emails from Kaspersky Labs CEO leak, show his involvement in the doctored virus samples scandal
   Internal emails from Kaspersky Labs CEO leak, show his involvement in the doctored virus samples scandal

Two weeks ago, two former employees came out in the media, revealing the involvement of Kaspersky Labs in an operation that spread false malware to competing anti-virus firms.

Now, Reuters is reporting that Eugene Kaspersky, the company's CEO, had a general hatred for AVG, one of its competitors.

Leaked emails from 2009 show that Kaspersky's CEO had a clear intention of running a shadow project that would imply spreading false positives amongst its competition, and more precisely AVG.

Kaspersky: I get the desire to smack them with their falses

"More and more I get the desire to smack them with their falses," said Eugene Kaspersky in an email dated to July 23 2009.

"AVG is carrying out an HR attack on the company, mostly the managers," he then continued, referring to the fact the company was losing top execs, who were moving to AVG.

In a later email dated to October 8 2009, Kaspersky also noted, "To be honest, I'll feel pretty bad when AVG goes public and earns a billion. They won't say thanks to you or me - don't even hope."

What the two former employees claimed when the story first came out was that Kaspersky Labs opted to implement this shadow project after competing anti-virus companies started to use Kaspersky's research and malware detection database in their own products.

This obviously irritated Eugene Kaspersky, which used a term coined by Vladimir Putin when dealing with Chechen rebels, "rubbing them out in the outhouse."

The Kaspersky CEO wrote in an email, "'Rubbing out' is one of the methods, which we will DEFINITELY use in combination with other methods."

In a statement for Reuters, AVG's CTO, Yuval Ben-Itzhak, said the company recorded a huge wave of doctored virus samples between 2009 and 2013.

A similar tactic was used to enter the Chinese market

The emails shown to Reuters staff also contain information about a similar campaign used in China, against the Chinese AV maker Jiangmin.

Feeling that Jiangmin was also stealing its data, Kaspersky apparently launched a similar wave of false positives that allowed it to get a foothold in the Chinese market.

"We've already had an experience 'rubbing out' - in China. In year 2002-2003. And we did end up moving one of then-market leaders. [...] Something tells me that without that 'rubber bomb,' things wouldn't be so rosy for us in China," reads the leaked email.

Update: As with our previous article on this issue, Kaspersky Lab's official statement denies any merit to the Reuters stories:

"Reuters story was based on emails that may not be legitimate and were obtained from anonymous sources that have a hidden agenda. Taking supposed statements out of context and greatly speculating on their meaning, does not provide evidence for these ongoing false allegations by disgruntled, ex-employees. Kaspersky Lab has never conducted any secret campaign to trick competitors into generating false positives to damage their market standing. Such actions are unethical, dishonest and illegal. Accusations spread by disgruntled ex-employees are meritless and simply false.”

More of the same can be read on the CEO's personal blog.