Kaspersky's antivirus software takes non-threatening files (updated)

The company's bid to come clean is raising a few concerns.

Sponsored Links

Jon Fingas
November 4, 2017 10:19 PM
Valery Sharifulin/TASS via Getty Images
Valery Sharifulin/TASS via Getty Images

Kaspersky's attempt to quash collusion fears through transparency isn't quite reassuring everyone. In an interview with Reuters, founder Eugene Kaspersky has acknowledged that his company's antivirus software has copied files that weren't marked as direct threats. In one example, the program removed GrayFish, a tool meant to corrupt Windows' startup sequence. Reuters sources also claim that Kaspersky's software once grabbed the photo of a suspected hacker from their computer, although the CEO didn't confirm this. He declined to talk about too many specific instances out of concern that it might help hackers cover their tracks.

The revelation doesn't affect the company's brief possession of classified NSA files (those were part of a larger file deemed suspicious). However, it's definitely not normal -- antivirus software typically only targets files that are direct risks. And in the case of competing antivirus tools, like F-Secure, it's not uncommon for them to ask permission before they upload anything.

This doesn't mean that Kaspersky's tool is doing anything sinister. According to Kaspersky, it's really about catching "cyber criminals." However, the revelation certainly isn't going to allay concerns that Kaspersky might have helped the Russian government conduct espionage. If the company can take files that don't have an immediate bearing on a PC's security, what's to stop it from passing on files that Russian intelligence might want?

As it is, this also highlights a broader issue with antivirus software as a whole. As Trail of Bits chiefDan Guido explained, many antivirus programs collect a large amount of data about the computers that run them, if often out of necessity. It wouldn't take much for a less-than-upstanding company or a hacker to misuse that info, and you may want to be sure that you're comfortable with how an AV suite handles your data before you use it.

Turn on browser notifications to receive breaking news alerts from Engadget
You can disable notifications at any time in your settings menu.
Not now

Update: Kaspersky disputes claims he said the software takes non-threatening files. Reuters has since modified its piece to reference the AV tool taking "inactive" files.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission. All prices are correct at the time of publishing.
View All Comments
Kaspersky's antivirus software takes non-threatening files (updated)