Eugene Kaspersky has taken to the world wide web to strongly rebut allegations made in a Reuters story that his firm deliberately tried to tarnish the reputation of its rivals by tricking them into classifying legitimate files as malicious.
The Kapersky Lab co-founder and CEO took to Twitter and penned an angry blog post on Friday, dismissing the allegations as “complete nonsense, pure and simple.”
The original story, which relies mainly on evidence from two anonymous former employees at the Moscow-headquartered anti-malware firm, claimed Kaspersky ordered the secret campaign to hit back at rival vendors which he thought had copied his software rather than build their own.
These included Microsoft, AVG and Avast, the report said.
Specifically, employees were told to inject malware into legitimate files and submit them to Virus Total, the idea being that if the file looked close enough to the original then rival AV firms may flag it as malicious – creating a false positive.
Kaspersky Lab is accused of engaging in this kind of activity sporadically for over a decade – especially between 2009 and 2013.
But Kaspersky has hit back, claiming that his company was also a victim of such attacks, which ramped up between 2012-13.
He explained:
“In 2012-2013, the anti-malware industry suffered badly because of serious problems with false positives. And unfortunately, we were among the companies badly affected. It turned out to be a coordinated attack on the industry: someone was spreading legitimate software laced with malicious code targeting specifically the antivirus engines of many companies, including KL. It remains a mystery who staged the attack, but now I’m being told it was me! I sure didn’t see that one coming, and am totally surprised by this baseless accusation!”
Kaspersky’s protestations were backed by Symantec reverse engineer and researcher, Liam O’Murchu, who expressed surprise at the allegations.
“We had investigated these attacks but could not find out who was behind them. We had some suspects, Kaspersky was not one of them,” he tweeted on Friday.
Kaspersky concluded that he hoped people would be able to see through the “anonymous, silly and groundless accusations.”
“Do they really think an 18+ year-old business built 100% on trust would be doing such things?” he asked.