Two weeks ago, Kaspersky Lab revealed that it had uncovered a strain of malicious malware dubbed Slingshot, that had gone undetected for six years. It turns out that this was, in fact state-sponsored malware targeting terrorism and Kaspersky has ruined years-worth of a government sanctioned operation.
Kaspersky went public with Slingshot on March 9th, describing it to act like a Trojan horse that hidden itself within compromised MikroTik routers. The malicious code enacted a two pronged attack that ultimately allowed the perpetrator to gain complete access to the system and collect numerous amounts of vulnerable data.
It was suspected to be state-sponsored but not attributed to any single government entity, until the US government has stepped up to say that the public reveal has botched an operation against ISIS and al-Qaeda. Sources claimed to be active and former “intelligence officials” by Cyberscoop stated that Slingshot was a part of a US military program run by the Joint Special Operations Command (JSOC).
Tensions between Kaspersky and the US government have been high ever since the Russian-based company was suspected of spying on behalf of the Russian government. Chief executive Eugene Kaspersky has adamantly denied these allegations and has stated that it would not only quit Russia if asked to do so, but provide irrefutable evidence by allowing the US access to its source code. Regardless, the US has banned Kaspersky anti-virus software from its services departments as a precaution.
As the publication notes, the US is likely to scrap all operations based around Slingshot and wipe the slate clean before potentially moving onto something new.
KitGuru Says: While Kaspersky will likely be paying for its mistake as the US keeps an extra eye on it, it seems that the security lab’s reveal was simply to protect its user base rather than to spy for a government body. Do you think the firm was well intentioned with its reveal?