Kaspersky Lab (Russian: Лаборатория Касперского, tr. ''Laboratoriya Kasperskogo'') is a Russian multinational cybersecurity and anti-virus provider headquartered in Moscow, Russia, and operated by a holding company in the United Kingdom. It was founded in 1997 by Eugene Kaspersky, Natalya Kaspersky, and Alexey De-Monderik; Eugene Kaspersky is currently the CEO. Kaspersky Lab develops and sells antivirus, internet security, password management, endpoint security, and other cybersecurity products and services. Kaspersky expanded abroad from 2005 to 2010 and grew to $704 million in annual revenues by 2020, up 8% from 2016, though annual revenues were down 8% in North America due to U.S. government security concerns. As of 2016, the software has about 400 million users and has the largest market-share of cybersecurity software vendors in Europe. Kaspersky Lab ranks fourth in the global ranking of antivirus vendors by revenue. It was the first Russian company to be included in the rating of the world's leading software companies, called the Software Top 100 (79th on the list, as of June 29, 2012). Kaspersky Lab is ranked 4th in the Endpoint Security segment according to IDC data for 2010. According to Gartner, Kaspersky Lab is currently the third largest vendor of consumer IT security software worldwide and the fifth largest vendor of Enterprise Endpoint Protection. In 2012 Kaspersky Lab was named a "Leader" in the Gartner Magic Quadrant for Endpoint Protection Platforms.

The Kaspersky Global Research and Analysis Team (GReAT) has led the discovery of sophisticated espionage platforms conducted by nations, such as Equation Group and the Stuxnet worm. Various covert government-sponsored cyber-espionage efforts were uncovered through their research. Kaspersky also publishes the annual Global IT Security Risks Survey. As of 2014, Kaspersky's research hubs analyze more than 350,000 malware samples per day.

Kaspersky has faced controversy over allegations that it has engaged with the Russian Federal Security Service (FSB)—ties which the company has actively denied. The U.S. Department of Homeland Security banned Kaspersky products from all government departments on September 13, 2017. In October 2017, subsequent reports alleged that hackers working for the Russian government stole confidential data from the home computer of an American National Security Agency contractor via Kaspersky antivirus software. Kaspersky denied the allegations, reporting that the software had detected Equation Group malware samples which it uploaded to its servers for analysis in its normal course of operation. The company has since announced commitments to increased accountability, such as soliciting independent reviews and verification of its software's source code, and announcing that it would migrate some of its core infrastructure for foreign customers from Russia to Switzerland. In November 2020 Kaspersky finished relocating the data of its customers from Russia to Switzerland. The company has also opened multiple transparency centers in Switzerland, Brazil, Canada, Spain and Malaysia which allow state agencies, government experts and regulators to review its source code.


History

The first version of Kaspersky Lab's antivirus software was developed by Eugene Kaspersky in 1989 in response to the Cascade Virus. Early versions had just 40 virus definitions and were mostly distributed to friends and family members. Kaspersky continued developing the software at KAMI, resulting in the AntiViral Toolkit Pro (AVP) product released in 1992. It was popularized in 1994 after a competitive analysis by Hamburg University gave his software first place. In 1997, Eugene Kaspersky, his wife Natalya Kaspersky, and Alexey De-Monderik left KAMI to form Kaspersky Lab, and to continue developing the antivirus product, then called AVP. The product was renamed Kaspersky Anti-Virus after an American company registered the AVP trademark in the US.

In 1998, a Taiwanese student released a virus called CIH. During the first three weeks of the outbreak, Kaspersky Lab's AVP was the only software at the time able to remove it. This increased demand and led to deals with antivirus companies in Japan, Finland and Germany to integrate AVP into their software. According to ''WIRED'', Kaspersky's software was "advanced for the time". For example, it was the first software to monitor viruses in an isolated quarantine. The company's revenue grew 280 percent from 1998 to 2000, with about 60 percent of its revenue coming from foreign sales. Natalya worked to broker deals abroad and localize the software. It opened offices in the UK, Poland, Holland and China. It later expanded to Germany, France, the US and Japan. By 2000, the company had 65 employees and sales in more than 40 countries. Kaspersky opened new offices in South East Asia and the Middle East in 2008 and in South Africa in 2009. It also expanded in India, the Middle East and Africa in 2010. In 2009, retail sales of Kaspersky Lab's antivirus products reached almost 4.5 million copies per year.

In 2011, General Atlantic bought a 20 percent share of Kaspersky Lab for $200 million, with the expectation of helping the company go public. A few months later, the decision was made to keep the firm private and Kaspersky re-purchased the shares from General Atlantic. This was followed by numerous executive departures in 2011 and 2014 regarding disputes over going public and over Eugene Kaspersky's management style. On January 1, 2012, Kaspersky Lab officially left the Business Software Alliance (BSA) over SOPA. The BSA had supported the controversial anti-piracy bill, but Kaspersky Lab did not support it, stating, "we believe that such measures will be used contrary to the modern advances in technology and the needs of consumers," and to show their disapproval, announced their intent to leave on December 5, 2011. By 2013, the company had an unaudited $667 million in annual revenues. In 2014, Kaspersky Lab signed a distribution deal with Ingram Micro, which significantly expanded its reseller program.

In August 2015, two former Kaspersky employees alleged that the company introduced modified files into the VirusTotal antivirus database to trick software from Kaspersky competitors into triggering false positives in virus and malware scans. A possible motive is that Eugene Kaspersky allegedly was furious at competitors perceived to be "unfairly" free-riding on Kaspersky's malware discoveries via the open-source VirusTotal database. The company denied the allegations. On his personal blog, Eugene Kaspersky compared the accusations to unsubstantiated conspiracy theories. Reuters followed up by publishing leaked emails allegedly from Kaspersky alluding to "falsies" and "rubbing out" foreign competitors; Kaspersky Lab stated the emails "may not be legitimate and were obtained from anonymous sources that have a hidden agenda". In 2016, Kaspersky executive Ruslan Stoyanov was arrested by Russian authorities on charges predating his work at Kaspersky. In 2019, he was convicted of treason.


Products and services

Kaspersky Lab develops and markets antivirus, internet security, password management, endpoint security, and other cybersecurity products and services. It is the fourth or fifth largest endpoint security vendor and the third largest consumer IT security software company. It is the sixth largest overall IT security company. Its revenues are about 15 percent from Russian companies domestically, one-third from European organizations and one-fourth from U.S. organizations. The software has about 400 million users in all.

Kaspersky's consumer software includes the Antivirus, Internet Security and Total Security products. The Antivirus software includes malware protection, monitors the PC for suspicious program behavior, and warns users about potentially dangerous websites. The Internet Security software adds privacy features, parental controls, and anti-phishing tools. Total Security adds parental controls, adult website filters, diagnostic tools, a Password Manager application, and other features. Kaspersky's software is available for Macs, PCs, Android, iOS, Windows Mobile, BlackBerry and Symbian.

For businesses the company markets the Kaspersky Endpoint Security for Business suite. It includes a centralized user interface and management application called the Kaspersky Security Center. The cybersecurity software itself is called the Kaspersky Security Network. The Kaspersky Administration KitSecurity Center manages configuration, installation and remote use. The business suite also has quarantine, reporting, and other features. Its software product for businesses with 25 staff or less is called Kaspersky Small Office Security (KSOS). Within the suite are products specifically for virtualization security, mobile security, and fraud protection among others. Kaspersky also develops a free tool that helps businesses gain access to Windows devices that are infected by ransomware.


Threatpost

Threatpost is a computer security blog which is funded by Kaspersky Lab. According to Eugene Kaspersky, it is editorially independent from Kaspersky. It was launched in 2009.


Partnerships

The Kaspersky Anti-Virus engine also powers products or solutions by other security vendors, such as Check Point, Bluecoat, Juniper Networks, Microsoft Forefront, Netintelligence, Clearswift, FrontBridge, Netasq, Wedge Networks, and others. Altogether, more than 120 companies are licensing technology from Kaspersky Lab. Kaspersky Lab also has a number of partnerships with various technology companies. The International Multilateral Partnership Against Cyber Threats, in which Datuk Mohd Noor Amin acts as the Chairman, announced the appointment of Harry Cheung – Managing Director of Kaspersky Lab, APAC – as the Goodwill Ambassador for Greater China. Kaspersky Lab was a long term partner of Scuderia Ferrari and in December 2021 announced a partnership extension with the Formula One team, and also became the team's esports partner. However, in March 2022 the deal was paused as a joint decision taken by the two companies due to the 2022 Russian invasion of Ukraine.


Market assessments and reception

According to ''PC Magazine'', Kaspersky AntiVirus and competitor Bitdefender are both consistently ranked at the top in independent competitive tests. ''PC Magazine's'' own malware and phishing tests had similar results and praised the software's "bonus security tools". Under "Cons" the magazine said it took longer than expected to complete a scan. The same magazine said the Kaspersky Total Security product had an "impressive feature list" and praised the extra features in the Total Security product, like password management, encryption and parental controls. ''PC Magazine'' said the product had scored highly in lab tests for antivirus, antiphishing and other features. It had "so-so" scores in anti-malware tests and wasn't able to catch all spam.

Kaspersky's 2013 Endpoint Security for Windows product was the top-ranked enterprise antivirus software in a competitive test by Dennis Technology Labs, followed by Symantec Endpoint Protection. AV-Comparatives has awarded Kaspersky "Product of the Year" for 2015, based on the number of high scores it has gotten throughout the year on a wide range of tests. ''PC Magazine'' praised the software's features, but said it lacked policy management and deployment options. Kaspersky's parental controls software was reviewed by ''PC Magazine''. The reviewer said it was "well-rounded, very affordable parental control and monitoring". It praised the software's content filtering, child profiles, social media monitoring and other features, but criticized that some features were only available on iOS or Android.

The anti-virus software testing group AV-Comparatives gave the Windows XP version of Kaspersky AV an "Advanced+" rating (its highest) in both its February 2008 on-demand detection test (with the fourth highest detection rate among 16 products tested). However, in the Retrospective/Proactive Test May 2008, Kaspersky received the "Standard" rating, detecting 21% of new malware with 1-month old signatures and receiving a substantial amount of false positives. The firewall included in Kaspersky Internet Security 7.0 got a "Very Good" rating in Matousec's Firewall challenge, with a result of 85%. Kaspersky Anti-Virus 7.0 has achieved a 6.5 result out of 8 in the Anti Malware Labs rootkit detection test. It has also achieved a 31 out of 33 detection of polymorphic viruses and a 97% result in the self-protection test. In 2007, Kaspersky Internet Security 7 received an award from the British magazine ''PC Pro'' and also won a place in its "A List".

Kaspersky has passed most of Virus Bulletin comparative tests since August 2003. In 2005, according to ''PC World'' magazine, Kaspersky anti-virus software provided the fastest updates for new virus and security threats in the industry. In ''PC World'' magazine's March 2010 comparison of consumer security suites, Kaspersky Internet Security 2010 scored 4.5/5 stars, and was rated second overall. In the December 2011 version of AV-Comparatives' annual reports, Kaspersky Lab's software has achieved highest overall ranking and has earned the AV Comparatives' "Product of the Year" award. On February 1, 2012, the Kaspersky Internet Security has earned "AV-TEST Award for Best Repair 2011" award in the field of home user products from AV-TEST Institute. On January 28, 2013, the Kaspersky Endpoint Security has earned "AV-TEST Award for Best Protection 2012" and "AV-TEST Award for Best Repair 2012" awards in the field of corporate products from AV-TEST Institute. Later in 2013, Kaspersky earned the product of the year award from AV-Comparatives and the highest score among Enterprise solutions in a Dennis Technology Labs report.

Kaspersky has also received certification of its products through the OESIS OK Certification Program, which verifies that the applications are interoperable with third-party technology solutions like NAC and SSL VPN products from Cisco Systems, Juniper Networks, F5 Networks, and others. In March 2022 Kaspersky received a cyber immunity registration trademark in the United States. The registration gives Kaspersky the exclusive right to use Kaspersky Cyber Immunity to identify its products. It also confirms that the trademark has distinctive features checked against specific criteria by national government agencies.


Malware discovery

Kaspersky Lab's Global Research and Analysis Team (GReAT) was established in 2008. It investigates cybersecurity threats and other work by malware operations. IT security companies are often evaluated by their ability to uncover previously unknown viruses and vulnerabilities. Kaspersky's reputation for investigating cyber-security threats has been influential in gaining sales and prestige. Beginning around 2010, Kaspersky exposed a series of government-sponsored cyber-espionage and sabotage efforts. These include Stuxnet, Duqu, Flame, Gauss, Regin and the Equation Group. According to ''Wired'', "many of them were seemingly launched by the US and its UK and Israeli allies. Kaspersky is especially well-known for its work uncovering Stuxnet and Flame."

;Stuxnet
In 2010, Kaspersky Lab worked with Microsoft to counter-act the Stuxnet worm, which had infected 14 industrial locations in Iran using four zero-day vulnerabilities in Microsoft Windows. According to IEEE Spectrum, the circumstances "strongly suggest" the worm was developed by the United States and Israel to damage centrifuges in Iran's nuclear-enrichment program. It was the first discovery of a major government-sponsored cyber-attack.

;Flame
In May 2012, Kaspersky Lab identified the malware Flame, which a researcher described as potentially "the most sophisticated cyber weapon yet unleashed". According to the researchers in Kaspersky Lab, the malware had infected an estimated 1,000 to 5,000 machines worldwide when asked by the United Nations International Telecommunication Union to investigate reports of a virus affecting Iranian Oil Ministry computers. As Kaspersky Lab investigated, they discovered an MD5 hash and filename that appeared only on customer machines from Middle Eastern nations. After discovering more pieces, researchers dubbed the program "Flame" after the name of one of its modules. Flame was an earlier variant of Stuxnet. Kaspersky never verified the source of the software, but it is suspected to have been developed by the National Security Agency (NSA) to transmit keystrokes, Skype calls and other data. Kaspersky created algorithms to find similar malware and found Gauss that July, which collected and transmitted data from devices infected by Bluetooth or USB drives.

;Red October
In January 2013, Kaspersky discovered the Red October malware, which had been used for widespread cyber-espionage for five years. It targeted political targets like embassies, nuclear sites, mostly in Europe, Switzerland and North America. The malware was likely written by Russian-speaking hackers and the exploits by Chinese hackers. That June, Kaspersky discovered NetTraveler, which it said was obtaining data on emerging technology from government targets and oil companies. Kaspersky did not identify who was behind it, but it was similar to other cyber-espionage coming from Beijing, China. Later that same year, Kaspersky discovered a hacker group it called Icefog after investigating a cybersecurity attack on a Japanese television company. Kaspersky said the hacker group, possibly from China, was unique in that they targeted specific files they seemed to know about before planting malware to extract them.

;Mask
In February 2014, Kaspersky identified the malware Mask, which infected 380 organizations in 31 countries. Many organizations that were affected were in Morocco. Some of the files were in Spanish and the group is believed to be a nation-state conducting espionage, but Kaspersky did not speculate on which country may have developed it.
;Regin
In November 2014, Symantec and Kaspersky authored papers that contained the first disclosure of malicious software named Regin. According to Kaspersky, Regin is similar to QWERTY, a malware program discovered the next year. Regin was used to take remote control of a computer and is believed to have originated from the Five Eyes alliance. That same month Kaspersky reported on the Darkhotel attack, which targeted users of wireless networks at hotels in Asia. It asked users to update their software, then downloaded malware that gave up their passwords.

;Equation Group
In 2015, Kaspersky identified a highly sophisticated threat actor that it called "The Equation Group". The group incorporated sophisticated spying software into the firmware of hard drives at banks, government agencies, nuclear researchers and military facilities, in countries that are frequent targets of US intelligence efforts. It is suspected to have been developed by the National Security Agency (NSA) and included many unique technical achievements to better avoid detection. That same day, Kaspersky announced the discovery of a hacker group it called Carbanak, which was targeting banks and moving millions of dollars into fake accounts. Carbanak was discovered when one bank asked Kaspersky to investigate suspicious behavior from its ATMs. A similar malware using some of the same techniques as Carbanak was discovered in 2016 and dubbed Carbanak 2.0.

;Duqu
In June 2015, Kaspersky reported that its own network had been infiltrated by government-sponsored malware. Evidence suggested the malware was created by the same developers as Duqu and Stuxnet, in order to get intelligence that would help them better avoid detection by Kaspersky in the future. Kaspersky called it Duqu 2.0. The malicious software resided in memory to avoid detection. The hack was believed to have been done by the same group that did Duqu in 2011. It used exploits in Microsoft installer files.

;Android cyber-espionage
In June 2015, Kaspersky Lab and Citizen Lab both independently discovered software developed by Hacking Team and used by 60 governments around the world to covertly record data from the mobile phones of their citizens. The software gave police enforcement a "menu of features" to access emails, text messages, keystrokes, call history and other data. Kaspersky also identified 37,000 attacks against banking companies that used modifications of the malware called Asacub and took control of Android devices. Asacub targeted mostly banking customers in the U.S., Russia and Ukraine using an SMS message that baited users into installing a Trojan.

;Silverlight
In 2016, Kaspersky discovered a zero day vulnerability in Microsoft Silverlight. Kaspersky identified a string of code often used by exploits created by the suspected author. It then used YARA rules on its network of Kaspersky software users to find that string of code and uncover the rest of the exploit. Afterwards, Microsoft issued a "critical" software patch to protect its software from the vulnerability.

;Poseidon Group
In 2016, Kaspersky uncovered the Poseidon Group, which would infiltrate corporations with malware using phishing emails, then get hired by the same company as a security firm to correct the problem. Once hired, Poseidon would install additional malware and backdoors. In June 2016 Kaspersky helped uncover a Russian hacking group, leading to 50 arrests.

;Titanium
In 2019, Kaspersky uncovered Titanium, a very advanced and insidious backdoor malware APT, developed by PLATINUM, a cybercrime collective. Kaspersky Lab reported the malware on November 8, 2019.


Bans and allegations of Russian government ties

Since 2015, Kaspersky was alleged to have close ties to the Russian government by various western media outlets, and finally the US government itself. In 2017, President Trump signed the legislation to ban software of Kaspersky on government computers. US government institutions were prohibited from buying and installing Kaspersky software on their computers and other devices. In 2022, after the Russian invasion of Ukraine, the US government warned American businesses that the risk of using Kaspersky software had increased and the FCC added Kaspersky to its list of threats to U.S. national security. Kaspersky responded to the FCC’s move in a press release on its website, saying that the agency’s decision was “made on political grounds” in light of Russia’s invasion of Ukraine, and that the company “remains ready to cooperate with US government agencies to address the FCC’s and any other regulatory agency’s concerns.”


See also

* Antivirus software
* Comparison of antivirus software
* Comparison of computer viruses
* Titanium (malware)
* Shaltai Boltai
* Vault 7


External links

* Cyber Threat Real-Time Map
* Log of cybersecurity discoveries