Two former employees of Kaspersky Lab have accused the malware protection software company of seeding competitors’ products with fake malware signatures intended to make them erroneously label benign files on customers’ computers as malicious. The allegations, made in a report published by Reuters Friday morning, have been strongly denied by a Kaspersky Lab spokesperson.
According to Reuters, the “junk” files were tailored to have the same signature as legitimate files, based on the fingerprinting mechanisms of competitors’ products. To do this, the two former employees alleged, Kaspersky assigned employees to reverse-engineer competitors’ products to see how they identified malware and then tailored samples that would match the signatures of common, harmless files.
The report does not include many specifics about the alleged faked signatures, such as which files were targeted for identification as false positives.