Ex-Employees: Kaspersky Tricked Competitors for Years

It’s like giving cheaters the wrong answers on a test. Who’s that going to help, exactly?

Here's one unsportsmanlike way to stop competitors from riding on your coattails: sabotage. Two ex-employees of Russian cybersecurity company Kaspersky told Reuters that the company asked them to reverse engineer competitors' antivirus programs in order to trip up their security, but then ended up just publishing false positives.

It's a spiteful but understandable move. Antivirus companies piggyback off each other's findings by exchanging virus definitions, and while this means users can get safer quicker, companies still need to spend resources to find those security flaws in the first place. If you've ever been in a college group project you know exactly how it feels to be in that sort of position.

The company was allegedly able to do this by using Google's VirusTotal threat aggregation site—by injecting bad code into otherwise benign files, it was able to trip up multiple companies at once that used the site to update their own definition files. In this case, that includes Microsoft, AVG, and Avast.

Kaspersky founder Eugene Kaspersky refuted Reuters' report on his official blog.

Kaspersky said that his company and several others fell victim to anonymously submitted false positives in 2012-2013, and that there was a closed-door investigation with no breakthroughs. He said the company has been wrongly smeared by "disgruntled ex-employees."

Magnus Kalkuhl, a former virus analyst for Kaspersky, blogged about inducing false positives in clean files in 2010.

"We created 20 clean files and added a fake detection for 10 of them," he wrote. "Over the next few days we re-uploaded all twenty files to VirusTotal to see what would happen. After ten days, all of our detected (but not actually malicious) files were detected by up to 14 other AV companies."

Kaspersky said that it conducted the experiment in 2010 to draw attention to the security industry's neglect. The company said that competitors were simply looking at markers that pointed out "bad" files rather than actually studying their behavior.

The company denies any claims that it sabotaged competitors.

"Our company has never conducted any secret campaign to trick competitors into generating false positives to damage their market standing. Such actions are unethical, dishonest and their legality is at least questionable," the company said in a statement.

The ex-employees claimed that Kaspersky had been doing this for about ten years, but most of the activity can be traced back to 2009-2013.

Update 8/14/15: This post was updated with mention of Eugene Kaspersky's blog post.