NSA Poking Around Antivirus Software

Webster

PC Magazine: NSA Poking Around Antivirus Software
U.S. and U.K. security agencies aren't just interested in your phone calls and naked pics. They also want to crack antivirus software, according to The Intercept.

Citing the documents leaked by former NSA contractor Edward Snowden, The Intercept says that the National Security Agency (NSA) and the U.K.'s GCHQ have reverse-engineered popular antivirus software in order to exploit bugs, but also monitored the Web and email activity of antivirus firms to learn about new vulnerabilities and malware.

One name that kept coming up over and over was Kaspersky. U.K. officials had a particularly tough time trying to crack Kaspersky software, and requested a warrant in 2008 in order to reverse engineer the company's technology. As The Intercept explained, reverse engineering of software is often forbidden by licensing agreements and, in some cases, laws. So GCHQ requested a warrant.

"It is unclear what GCHQ accomplished in its analysis of Kaspersky software, but GCHQ has repeatedly reverse engineered software to discover vulnerabilities," The Intercept said. "Rather than report the vulnerabilities to the companies, spy agencies have quietly stockpiled numerous exploits for a wide range of commercial hardware and software, using them to hack adversaries."

Across the pond, meanwhile, the NSA also had an interest in Kaspersky. In 2008, they found that its software was transmitting information that might reveal who was using Kaspersky software and allow for tracking of those users. Kaspersky told The Intercept that is not the case, however.

The agencies, meanwhile, were also snooping on email activity, keeping an eye out for messages that discussed new bugs. Antivirus firms can sometimes be slow to patch these vulnerabilities, particularly if they are not public, so the NSA and GCHQ were looking for mentions of things they could exploit, even temporarily.

An NSA presentation listed 23 AV firms on a slide titled "More Targets," including Bit-Defender, F-Secure, Avast, AVG, and Avira. Kaspersky, however, has been a particular thorn in the agency's side, as it has uncovered a number of sophisticated, state-sponsored attacks linked to the U.S., including Flame, Gauss, and Equation Group.

Earlier this month, Kaspersky said it had been hacked, probably by a "nation state." Kaspersky said the attackers—believed to be the same group behind 2011's Stuxnet-like Duqu worm—were mainly interested in spying on its technologies, especially its solutions for discovering and analyzing sophisticated attacks known as Advanced Persistent Threats (APTs). The attackers were looking to find out about Kaspersky's ongoing investigations into advanced attacks, detection methods, and analysis capabilities.
-Read more: http://www.pcmag.com/article2/0,2817,2486506,00.asp
...thoughts?
 
Oh bugger. I have Avast. I hope NSA won't figure out I'm posting on an Internet forum to say that I hope they won't find out I'm posting on an Internet forum... wait, what? :P
 