|
 He was quoting from Vladimir Putin's famous threat a decade earlier
to pursue Chechen rebels wherever they were: "If we catch them in
the toilet, then we will rub them out in the outhouse."
Former employees say that the reprisal Kaspersky was pushing for was
to trick AVG's antivirus software into producing false positives -
that is, misclassifying clean computer files as infected.
As previously reported by Reuters, the plan involved creating fake
virus samples and malware identifications to fool competitors into
disabling or deleting important files, thereby creating problems for
their customers.
"More and more I get the desire to smack them with their falses,"
Kaspersky wrote in Russian in one email seen by Reuters, dated July
23, 2009. He accused AVG of poaching staff from his company. "AVG is
carrying out an HR attack on the company, mostly the managers."
The emails shed fresh light on the allegations of two former
Kaspersky Lab employees that the Moscow-based company had sought to
sabotage rivals to gain market share and retaliate against
competitors it believed were mimicking its malware detections
instead of relying on their own research.
Kaspersky Lab has strongly denied the allegations. On Friday, it
said the emails "may not be legitimate and were obtained from
anonymous sources that have a hidden agenda."
"Kaspersky Lab has never conducted any secret campaign to trick
competitors into generating false positives to damage their market
standing. Such actions are unethical, dishonest and illegal," the
company said in a statement.
The ex-employees told Reuters that AVG, Microsoft Corp <MSFT.O> and
Avast Software were among the companies targeted by Kaspersky Lab in
campaigns between 2009 and 2013 to spread false positives through
threat information-sharing programs.
"To be honest, I'll feel pretty bad when AVG goes public and earns a
billion. They won't say thanks to you or me – don't even hope,"
Kaspersky wrote in another email seen by Reuters, dated Oct. 8,
2009.
"'Rubbing out' – is one of the methods, which we will DEFINITELY use
in combination with other methods."
A day earlier, Kaspersky had urged his team in another email to
consider "rubbing them out in the outhouse," noting that his
European chief was "very positive about falses." The emails do not
confirm that an attack was launched against AVG or say how effective
it might have been.
AVG's former chief technology officer, Yuval Ben-Itzhak, previously
told Reuters the company was hit with waves of doctored virus
samples from 2009 to 2013.
AVG, Microsoft and Avast have all declined comment on who might have
been behind the sophisticated assaults. AVG did not immediately
respond to a request for comment on the emails.
CHINA CAMPAIGN
In the emails, Eugene Kaspersky did not give specifics on the
"rubbing out" method that he envisioned using against AVG. But he
said it was a trick that the company had used against a competitor
in China years ago. He did not identify the company in the email.
[to top of second column] |
"We've already had an experience 'rubbing out' – in China. In year
2002-2003. And we did end up moving one of then-market leaders,"
Kaspersky wrote.
A former Kaspersky Lab employee said the Chinese target was Beijing
Jiangmin New Science & Technology Co, one of the biggest antivirus
companies in the country at the time. Jiangmin General Manager Guo
Changsheng declined to comment.
In 2002, Kaspersky Lab had been struggling to gain traction in the
massive Chinese market, where piracy was rampant in the software
industry, according to former employees.
Jiangmin did well in part because it copied Kaspersky Lab's
identifications of malicious software files, said two former
software engineers at Jiangmin, and a Chinese expert who had worked
with both companies. The three sources spoke on condition of
anonymity.
After repeated threats and attempts to reach a licensing deal with
Jiangmin failed, the Chinese expert said, Kaspersky Lab began to
fake some of its malware detections in China in order to cause
problems on Jiangmin's customer machines when the Chinese company
copied them.
Kaspersky Lab did this to protect itself from more piracy, the
Chinese expert said, adding that the campaign worked. "All of a
sudden, customers came to Kaspersky."
Jiangmin's general manager declined to comment on the allegations
that the company copied Kaspersky Lab's detections. He also declined
to comment on whether Jiangmin had suffered from false detections
during the period in question.
Kaspersky Lab has previously said that it too had been hit with fake
virus samples. It declined to provide copies of the samples or give
other details.
It is not known how much business Kaspersky Lab may have gained in
China or elsewhere as a result of these alleged attacks.
In one of the emails, Eugene Kaspersky said the China attack, which
he called a "rubber bomb," was a success. The term "rubber bomb"
comes from a Russian joke about an explosive that keeps bouncing and
inflicting more damage.
"Something tells me that without that 'rubber bomb,' things wouldn't
be so rosy for us in China," Kaspersky wrote in the Oct. 8, 2009
email.
(Additional reporting by Gerry Shih in Beijing and Alina Selyukh in
Washington; Editing by Tiffany Wu)
[© 2015 Thomson Reuters. All rights
reserved.] Copyright 2015 Reuters. All rights reserved. This material may not be published,
broadcast, rewritten or redistributed.
 |
