Moscow-based Kaspersky Lab tried to damage competitors in the web security market by tricking their antivirus software programs into classifying clean files as malicious, according to company's former employees.
The campaign reportedly targeted Microsoft, AVG Technologies, Avast Software and other rivals, fooling some of them into deleting or disabling important files on their customers' PCs, Reuters reports citing unnamed ex-employees of Kaspersky Lab. Some of the attacks were ordered by Kaspersky Lab's co-founder, Eugene Kaspersky, in part to retaliate against smaller rivals that he felt were aping his software instead of developing their own technology, they said.
"Eugene considered this stealing," said one of the former employees.
Kaspersky Lab denied the reports.
"Our company has never conducted any secret campaign to trick competitors into generating false positives to damage their market standing," Kaspersky said in a statement to Reuters. "Such actions are unethical, dishonest and their legality is at least questionable."
Kaspersky has been popular in the industry for its research on sophisticated Western spying programs and the Stuxnet computer worm.
During the last 10 years, the soaring number of harmful computer programs have prompted security companies to share more information with each other such as samples of malware in order to keep their virus-detection engines updated. But the collaboration allowed companies to borrow heavily from each other's work instead of finding bad files on their own.
Kaspersky Lab in 2010 complained openly about copycats, calling for greater respect for intellectual property as data-sharing became more prevalent.
In an effort to prove that other companies were ripping off its work, Kaspersky said it created harmless files and told Google's VirusTotal that it regarded them as malicious. VirusTotal aggregates information on suspicious files and shares them with security companies. The specific files were quiclky flagged by VirusTotal as malicious.
When Kaspersky's complaints did not lead to significant change, the former employees said, it stepped up the sabotage.
Kaspersky's engineers would take an important piece of software commonly found in PCs and inject bad code into it so that the file looked like it was infected. They would send the file anonymously to VirusTotal.
Then, when competitors ran this doctored file through their virus detection engines, the file would be flagged as potentially malicious. If the doctored file looked close enough to the original, Kaspersky could fool rival companies into thinking the clean file was problematic as well.
In its response to Reuters, Kaspersky denied using this technique.