Kaspersky Lab obtained NSA files. Not deliberately
The company conducted its own investigation after The Wall Street Journal on October 5 reported Russian hackers spied on the U.S. government using Kaspersky software to find and steal classified files on the NSA contractor's home computer.
"Given that Kaspersky Lab has been at the forefront of fighting cyberespionage and cybercriminal activities on the Internet for over 20 years now, these allegations were treated very seriously," Kaspersky said in its 13-page report.
"To assist any independent investigators and all the people who have been asking us questions whether those allegations were true, we decided to conduct an internal investigation to attempt to answer a few questions we had related to the article and some others."
Kaspersky says a poorly secured PC with a pirated version of Microsoft Office sent NSA files to its servers from Sept. 11 to Nov. 9, 2014, from a Verizon FiOS address pool for the Baltimore, Md., area. The servers downloaded the files after the antivirus software flagged them for containing malicious code.
"The reason we deleted those files and will delete similar ones in the future is two-fold," Kaspersky Lab officials wrote in Thursday's report.
"We don't need anything other than malware binaries to improve protection of our customers and secondly, because of concerns regarding the handling of potential classified materials.
"Assuming that the markings were real, such information cannot and will not [be] consumed even to produce detection signatures based on descriptions."
Eugene Kaspersky, the company's founder and chief executive, ordered the classified data deleted from the company's systems. ■