Friday October 27, 2017

Kaspersky Says NSA Employee Used Backdoored MS Office Key Gen

Iain Thomson at theregister discusses a report from Kaspersky that details how hackers could have stolen powerful and highly confidential software exploits from an NSA employee's Windows PC. According to the report, the NSA employee downloaded a backdoored MS Office key gen and Office ISO. He disabled Kaspersky AV so he could run the key gen and then reenabled the AV. Upon the next scan of the AV it noticed some interesting code and phoned it back home. This is how Kaspersky says they gained knowledge/possession of the NSA classified code. All in all this is getting more interesting all the time.

News Image

The NSA employee's home PC was one of those tens of millions of machines running Kaspersky antivirus. Kaspersky was, therefore, accused of detecting the American cyber-weapons on the PC via its tools, tipping off Kremlin spies, and effectively helping them hack the machine to siphon off the valuable vulnerability exploits.

Well, not quite, says Kaspersky.