NSA hack: Russian hackers allegedly used Kaspersky's software to steal secret cyberweapons

The theft reportedly took place in 2015 and was discovered in 2016.

Russian hackers reportedly stole classified NSA cyberweapons from the home computer of one of the agency's contractors, after the unspecified contractor removed the classified data and stored it on his personal computer. The theft reportedly took place in 2015 and was discovered in 2016.

According to a report by the Wall Street Journal, the attackers stole the NSA's confidential data by exploiting Kaspersky's anti-virus software, which the NSA contractor was using. The Journal reported that the stolen files include details of the NSA's offensive and defensive hacking tools as well as the computer code it uses for spying.

The Journal's report cited unspecified US officials, who believed that the Russian hackers were able to get their hands on the data after Kaspersky's software alerted them to its presence on the US contractor's computer. The report also implied that Kaspersky employees may have notified the Russian government after discovering the NSA's classified data.

Kaspersky hits back

However, Kaspersky founder Eugene Kaspersky has since denied the allegations of the firm's involvement in the theft.

"Kaspersky Lab has not been provided any evidence substantiating the company's involvement in the alleged incident reported by the Wall Street Journal on Oct. 5, 2017, and it is unfortunate that news coverage of unproven claims continue to perpetuate accusations about the company," the firm said in a statement.

"In the wake of the last article I want to emphasize: if our technologies detect anything suspicious and this object is identified as malware, in a matter of minutes ALL our clients no matter who and where they are, will receive protection from this threat," Eugene Kaspersky said in a statement.

"With big power comes big responsibility. We never betray the trust that our users put into our hands. If we would do that a single time that would be immediately spotted by the industry and our business would be done."

Kaspersky's role in the theft

The Journal's report comes amid heightened scrutiny from the US authorities of Kaspersky's alleged role in Russian hacking. Last month, the US DHS directed all US intelligence agencies to stop using Kaspersky's products. Earlier in the year, Best Buy halted its sale of Kaspersky products. However, despite US authorities' mounting concerns about Kaspersky and its alleged ties to the Kremlin, the US government has yet to provide any tangible evidence backing its allegations against the Moscow-based cybersecurity firm.

In 2015, Google's Project Zero security researcher Tavis Ormandy revealed that Kaspersky's anti-virus platform contained multiple vulnerabilities that could have allowed hackers to remotely execute malicious code on computers running the software. Kaspersky has since patched the bugs. However, according to a report by Ars Technica, a scenario involving Kaspersky's alleged role in the NSA theft could likely involve hackers exploiting the anti-virus software's vulnerabilities to carry out the theft.

NSA back in the spotlight

Although there is still uncertainty surrounding Kaspersky's alleged role in the theft, news of the attack has once again brought the NSA back into the spotlight, making this the third time in the past four years that the agency has sustained a breach due to an insider accessing classified information.

Last year, NSA contractor Harold Martin was arrested for storing classified material on his personal computer. In 2015, an unspecified NSA official was arrested on suspicion of insider leaking; however, it is unclear whether the arrest was in any way related to the theft reported by the Journal.

It is also unclear whether the contents of the data stolen led to the multiple leaks made public by the mysterious hacker group, the Shadow Brokers.

© Copyright 2017 IBTimes Co., Ltd. All Rights Reserved.