The Kaspersky Scandal

A brief timeline of how kaspersky got implicated in the big scandal

Disclaimer: All of the below data is sourced from publicly available information.
  1. NSA Employee takes home malware from work.

2. Installs pirated MS office. Turns off Kaspersky 🤦‍♂️ when it complains that the pirated software is malware.

3. The malware takes hold, backdoor in the machine open for god knows how long

4. Employee turns on kaspersky again, it detects the office malware, deletes it.

5. Kaspersky finds the employee’s stash of malware from NSA. Sends it to the network for analysis as they seem to be suspicious

6. An analyst looks at the files, sees that they belong to NSA, and informs the CEO

7. Eugene Kaspersky asks the analyst to delete the files, and forget about it.

8. The Israeli government hackers who were inside Kaspersky’s network found that Kaspersky had access to NSA files (briefly)

9. Israel informs NSA that kaspersky had NSA tools in their network

10. US Gov bans installations of Kaspersky product.

What is unclear is how Russia allegedly got hold of the NSA malware taken from the analyst’s laptop. Maybe, they exploited the backdoor?

References: