Stories

Kaspersky Lab confirms that it downloaded secret NSA tools

The sign on Kaspersky Lab's headquarters in Moscow. Photo: Pavel Golovkin / AP

The head of Russian cybersecurity company Kaspersky Lab confirmed that his company's anti-virus software copied hacking tools from the National Security Agency to its servers but promptly deleted them upon learning of their existence, per the AP.

Why it matters: Kaspersky has been suspected of having ties to the Russian government — which the company denies — and it has come under scrutiny since the revelation of Russia's meddling in the 2016 presidential election, especially given the wide use of its popular anti-virus program in the United States. The U.S. government ordered Kaspersky's software to be removed from government-owned computers last month.

How Kaspersky says it happened: A member of a secret NSA hacking group uploaded the classified surveillance tools to his home computer, which became infected with a virus thanks to a pirated copy of Microsoft Office. Kaspersky's anti-virus program flagged the NSA tools as suspicious in the process — a common feature of anti-virus software — and uploaded them to its own server for analysis.

The big question: Was the incident genuinely an accident or did Kaspersky set its software to seek out such classified information? Kaspersky Lab and its owner, Eugene Kaspersky, denied deliberately searching for classified code, though he stopped short of telling the AP if he'd notified the NSA of his company's find.

Go deeper: The NYT report about Israel discovering Kaspersky's NSA download.

And don't forget: The FBI paid a secretive visit to Kaspersky employees back in June.