Morisato

Israel hacked Kaspersky; tips NSA that its tools had been breached

Recommended Posts

I wish AV vendors including Eset "good luck" at getting anyone to upload any data after this incident. Per the NY times article:

Quote

Its popular antivirus software scans for signatures of malicious software, or malware, then removes or neuters it before sending a report back to Kaspersky. That procedure, routine for such software, provided a perfect tool for Russian intelligence to exploit to survey the contents of computers and retrieve whatever they found of interest.

 

Share this post


Link to post
Share on other sites

Data collection/distribution is part of every AV and it's been going on for longer than these articles imply.

Share this post


Link to post
Share on other sites

Anti-Russian articles in the USA media is no surprise at this time. It wasn't too long ago the USA were seen as the 'bad guys' e.g. hxxp://www.theregister.co.uk/2013/07/05/americans_to_fess_up_to_spying_on_europeans/

Some of the comments on the first story on the Washington Post are as nutty as the story itself. Xenophobia at its worst.

persian-boy likes this

Share this post


Link to post
Share on other sites

Can we get any kind of assurance from ESET that they're not similarly compromised like Kaspersky supposedly is?

Share this post


Link to post
Share on other sites
On 10/15/2017 at 5:12 PM, productionpaint said:

Can we get any kind of assurance from ESET that they're not similarly compromised like Kaspersky supposedly is?

ESET has no comment on this story at this time ("Kaspersky compromised") as details are still emerging. However, our implementation is different and we operate under the laws of the EU, and Slovakia is a member of the European Union and NATO. Slovakia is also on the list of DOD approved countries (http://gsa.federalschedules.com/resources/taa-designated-countries/). 
 

TomFace and TJP like this

Share this post


Link to post
Share on other sites

Might have missed this part of that article? Was updated today:

Quote

 

ESET's Response

ESET says that by default, its products don't send any user files to the cloud for scanning, but instead send hashes of suspect files. "However, if the user decides to send files/items for analysis, this option is also available in our products," a spokesman tells ISMG. "In such cases all of the processed information is encrypted, including metadata."

Users can opt in to sharing suspect files during software installation. Even so, only suspicious files will be submitted, and numerous files types, including documents, "are excluded from submission by default," ESET says. All suspicious files are submitted to ESET anonymously and are not connected to any license information, it says.

The company says it does not share files with VirusTotal, or for that matter law-enforcement agencies or intelligence agencies, but notes that "in the case of a legitimate request we follow standard procedures required by [EU or national] legislation.

 

 

Edited by jdashn
SCR likes this

Share this post


Link to post
Share on other sites
39 minutes ago, jdashn said:

Might have missed this part of that article? Was updated today:

 

thanks for the heads up. 

jdashn likes this

Share this post


Link to post
Share on other sites

Thanks for the update jdashn.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now


  • Recently Browsing   0 members

    No registered users viewing this page.