Tag Archives: Antivirus

How To Find Antivirus Software That Will Keep Your Small Business Safe

You’ve worked hard to get your business up and running. The last thing you need is to open your laptop and find a pop-up message demanding bitcoin for the safe return of your data. Unfortunately, this isn’t a hypothetical situation; it’s one of the fastest growing cybersecurity dangers facing businesses today. But more on that later.

Right now, your research into antivirus protection for your business has brought you to this article, which is good for you because it’s about to list the bare minimum features you’ll want in any antivirus (AV) software, plus a few nice-to-haves.

No Computer Science Degree Needed

One feature you can’t live without is ease of use. SMB owners don’t have the money to pay full-time IT professionals. Like most other things, maintenance and admin duties will fall on your shoulders, so find antivirus software that:

  • Sets up easily
  • Has a clean, intuitive user interface (UI)
  • Incorporates powerful admin controls

Good SMB antivirus software will have the information you need when you need it. Look for software with a centralized dashboard that gives you real-time monitoring and control of every facet of the system. If an employee gets their laptop stolen at a conference, you’ll want to close access fast before a hacker can do their dirty work. You may have to say goodbye to your laptop, but you won’t have a teary-eyed farewell for your data.

Dashboards and management consoles make admin duties — like granting and revoking user privileges — a breeze.

Any antivirus software worth the money will be ready to go after you install it. There shouldn’t be any additional infrastructure or technology to buy; it should work right out of the box. Keep an eye out for these key features and you’ll be running your software like an IT pro even without the computer science degree.

Scales With Your Business

When investing in AV software, you want one that will grow with your business. Effective enterprise antivirus software will have you covered regardless of size, with pricing models that charge by the number of devices covered or users.

Consider scalability a prime feature in an AV software. As your profit grows, so too will the target on your company’s back. Hackers are lazy. They want a big data score, so plan to invest more in cybersecurity software and choose an AV brand that can power up the quality and quantity of protection as your business expands.

Provides Endpoint Protection

It won’t do just to inoculate your office devices from computer viruses. Malware attacks for mobile devices and the Internet of Things (IoT) are predicted to rise. Cyberthieves aren’t targeting your employee’s mobile phone to steal their identities; they’re hacking it to access your network and your data.

Each of your employees and their personal devices are potential entry points into your network. To keep costs down, many SMBs have a bring-your-own-device (BYOD) policy, but personal devices are more prone to infection. Would you really trust your employees to remember to update their device’s operating systems or to avoid dangerous websites?

Comprehensive SMB antivirus software will have “endpoint protection,” which means it monitors all of the devices on your network that have access. Endpoint protection monitors all logins and runs security updates automatically regardless of device or operating system.

Low Impact on Your Devices’ Performance

Any antivirus software will slow down your company’s computers, tablets, and smartphones. The question is how much. Competition in any market today is fierce and time is money. That’s why AV developers work hard to keep all of their software’s scanning and monitoring activities as light on resources as possible.

Good antivirus brands for small and medium businesses use a cloud-based system that has little impact on device performance. With cloud-based AV software, a good chunk of the virus scanning and device authorizations happen outside of your network and devices, so the effect on your devices is small. Plus, cloud-based antivirus software gives you admin access anywhere there’s internet access.

Robust Malware Database

Antivirus software detects malware by comparing the files you open and the software you run against known malware strains. It keeps a “library” of these digital nuisances, and when it finds one, it blocks access to it. So, AV software is only as good as its malware database.

Good AV software will have a thorough and consistently updated malware database; a superior one will include malware strains not even created yet. Yes, you read that correctly. Some AV developers are even able to predict future malware types with complex algorithms and artificial intelligence.

Cybersecurity is a business where it’s not enough to just respond to malware attacks; you must fight them before they happen. When you’re researching good antivirus protection, look for products that use “heuristics” or “adaptive defense” strategies for detecting malware. These terms mean the software has a robust, proactive, and updated malware database.

High Detection and Low False Positive Rates

Your business needs antivirus software that stands up to real world protection tests. Independent organizations compare different AV products and score them on detection rate and false positives. Rate of detection is how effective the software is at detecting malware. False positives occur when a software wrongly flags a file or software as harmful when it’s actually safe.

Any AV software can get high detection rates if it’s overly aggressive. But that results in a false positive for your accounting software too. That’s a problem. So too is a program that lets anything through. Zero false positives here! But now you’ve got viruses galore. You want antivirus protection with both a high detection rate AND low false positives.


Here’s a list of some nice-to-haves that aren’t critical but certainly helpful for SMBs.

Password Manager

Passwords are the front line of defense for a small to medium business’ cybersecurity, and the rules for creating secure passwords continue to evolve. The reigning champion for most popular password is still “123456”, which should give every business owner goose bumps. Enterprise-level AV software will offer a password manager as a feature. At minimum, a good password manager will:

  • Warn users of weak passwords
  • Create strong passwords for users
  • Encrypt passwords for storage
  • Have auto-login and autofill features
  • Let you manage employee permissions from an admin console
  • Give you access to password management anywhere
  • Offer two-factor authentication

Firewall Defense

Firewall programs monitor and block cybersecurity threats that try to access your network via the internet. Cyberattacks like drive-by downloads and botnets are on the rise. Most users aren’t aware these types of attacks have happened. Hackers use sophisticated autonomous malware like worms that actively search your system for security vulnerabilities to exploit. Firewalls help eliminate these attacks by filtering the traffic coming into your network.

Ransomware Protection

One of the fastest growing cybersecurity dangers facing businesses today is ransomware. Any business with valuable data (as if there’s any other kind) is a good target for cyberthieves who want to steal or encrypt your data and then trade cash for it.

The scheme is popular because it’s effective and lucrative. Encrypted data is almost always lost if you choose not to pay, so the best protection is prevention. For that, you need AV software that can spot the sophisticated methods used in a ransomware attack and warn you before the worst happens.

Yes, data threats like ransomware are for real and on the rise, but you don’t have to just cross your fingers every time you give an employee the wifi password. Comprehensive, enterprise-level antivirus protection will safeguard your data and help you sleep at night — two essential parts of your business’s success.

The post How To Find Antivirus Software That Will Keep Your Small Business Safe appeared first on Panda Security Mediacenter.


Avira Antivirus Pro is AV-Comparatives’ Top Rated Product for 2017


Avira won the Top Rated Products seal, as well as Silver Award for Real-World Protection Test, in AV-Comparatives 2017 annual review. Throughout 2017, the independent test institute AV-Comparatives submitted 21 security products for Windows for rigorous investigation. All the programs underwent seven tests during the year, scanning their ability to protect against real-world Internet threats, […]

The post Avira Antivirus Pro is AV-Comparatives’ Top Rated Product for 2017 appeared first on Avira Blog.


Craving for entertainment? Learn how to enjoy it without restrictions


Online entertainment has a very important and complex role in our lives: you don’t watch it only for relaxation, but also to empathize with the characters and feel like you have experienced some new stuff (for which you don’t have enough time to do in your real life) or to have interesting debate topics while […]

The post Craving for entertainment? Learn how to enjoy it without restrictions appeared first on Avira Blog.


Do I need Antivirus for Windows 10?

Whether you’ve recently upgraded to Windows 10 or you’re thinking about it, a good question to ask is, “Do I need antivirus software?”. Well, technically, no. Microsoft has Windows Defender, a legitimate antivirus protection plan already built into Windows 10.

However, not all antivirus software is the same. Windows 10 users should examine recent comparison studies that show where Defender lacks effectiveness before settling for Microsoft’s default antivirus option.

An AV Comparatives 2017 study shows Windows Defender falls behind other antivirus software in protection, usability, and performance. Defender also lacks consumer-friendly features that are growing in popularity — like password managers and a built-in virtual private network (VPN).

Overall Protection: Defender Falls Behind Other Software

Any antivirus software needs a good protection rating. Detecting and eliminating malware threats is the primary consideration. Be aware of future trends in malware attacks and choose antivirus software based on its ability to defend against growing threats such as zero-day attacks and ransomware.  

The AV Comparatives study tested 17 major antivirus software brands and ran from July to November 2017. Defender received an overall protection rating of 99.5%, falling behind seven other cybersecurity products.

Another 2017 study by the IT-Security Institute showed Defender falling behind other antivirus software in preventing zero-day malware attacks. Zero-day attacks happen the same day developers discover a security vulnerability, and they’re growing in popularity among cybercriminals.

The IT-Security Institute’s test results (for July and August) showed Defender as only 97.0% effective against zero-day malware attacks, 2.5% below the industry average. The difference may seem small, but the stakes are high for zero-day attacks. It only takes one ransomware or botnet attack to hijack your computer or steal your identity.  

Defender causes usability problems

All antivirus software impacts how you use your computer because it scans all of the websites, files, and other software your system interacts with. With antivirus software, consumers want the most protection with the least interference. Compared to other antivirus products, Defender struggles to stay out of your way.

False positives

When antivirus software scans files and websites for potential threats, they can mistakenly flag some as dangerous. These “false positives” can get really annoying because they block access to safe websites or stop the installation of legitimate software. These issues can slow you down and are distracting.

The AV Comparatives study (below) found Defender had a higher false positive rate compared to the majority of major antivirus software packages.

Defender struggles particularly with flagging legitimate software as malware. The IT-Security Institute’s tests showed Defender having a higher than average rate of false detections for safe software. Users who want to get around this issue by lowering Defender’s protection settings become more vulnerable to real malware attacks.

Defender’s performance

All antivirus software slows down your computer at least a little. After all, it takes computing power to scan all of the bits of information running through your computer’s processor, but a bulky or inefficient antivirus package can mean slower website loads, crawling status bars, and sluggish software launches.

The IT-Security Institute’s test results (above) showed Defender scoring below industry average for standard software application launches and frequently used applications. Its performance score was 4.5 out of 6.0.

Defender will make your favorite programs run slower when you use your computer at home. If you own a business, your employees will be slowed down too. Overly burdensome antivirus software coupled with outdated computers means a loss of worker productivity and revenue.

The Problem with Standard Antivirus Protection

Fans of Defender point out that it comes standard with Windows 10, which means no extra software to download and install onto your computer. Pre-installed standard software is convenient from a usability perspective, but it also leaves you more vulnerable to attack.

Cyberthieves make Defender a priority one target because it works the same for every computer. Any standard way of doing anything makes it easier to predict and circumvent. Defender is no exception. Hackers make sure their malware designs can avoid Defender’s basic detection and take advantage of its vulnerabilities. Less standard antivirus software takes unique approaches to finding and eliminating viruses—approaches difficult to predict.

To protect yourself, your family, and your devices, you need the best free antivirus protection available. While some users may still see Defender as a viable option based upon their specific needs, they’re trading convenience for effectiveness — a luxury with personal and financial costs that increase every year.


The post Do I need Antivirus for Windows 10? appeared first on Panda Security Mediacenter.


AV-TEST certifies Avira Antivirus Pro as Top Security Product


Avira confirms again the long series of recognition for its great performance products. The Avira Antivirus Pro was awarded the “AV Top Product” seal following its high scores in the independent testing organization’s search for the best antivirus software for Windows Home User. The test looked at security software for computers with Windows 10 from […]

The post AV-TEST certifies Avira Antivirus Pro as Top Security Product appeared first on Avira Blog.


Worms vs. Viruses: What’s the difference?

Worms, viruses, bots, oh my! Such names sound less like monikers for malicious software than characters in a sci-fi novel. Despite their fictional-sounding names, the monetary damage these types of malware can cause to computers and data is very real. Studies put the global cost of ransomware attacks for 2017 between 1 and 3 billion dollars.

Most types of malicious software (aka malware) work differently, but all have the same function: to install unwanted software on your computer or network for malicious purposes ranging from simple annoyance to corporate espionage.

Two of the most common forms of malware are worms and viruses. Knowing how they work can limit the damage of a malware attack sooner and help avoid infection altogether.

Spreading the Word Doc

Worms and viruses differ in two main ways: how they spread or “replicate” and their level of autonomy. To function, viruses need a host file (e.g., a Word document) or a host program (e.g., that free PDF splitter you downloaded). To replicate, viruses need humans to send them through emails, messages, attachments, etc. They can’t do this on their own.

Worms are viruses that can replicate themselves, emailing themselves to other computers and networks without help from pesky humans. A worm’s autonomy tends to make it more aggressive or contagious, while a virus may lie dormant for years waiting for a user to open an infected file. To use a cinematic analogy, worms are more like predators, viruses are more like aliens.

How viruses replicate

Computer viruses are transmitted like biological ones. For example, the common cold spreads through person-to-person contact. We pass our cold germs to other people through coughs and sneezes. Unsuspecting victims breathe in our virus spray and presto! We’ve just replicated the virus to them. The point: It takes a human action (i.e., coughing and sneezing) to replicate a virus.

We replicate computer viruses by sending (sneezing) infected attachments through emails, instant messages, etc., to other users. Like us, they unknowingly download and open the attached file. Most recipients will open these attachments because they trust us. Replication of the virus took a human action and a little gullibility.

Social engineering

Social engineering is a way of tricking people into spreading malware to others. Hackers use our own assumptions and confirmation bias to fool us.

For example, when we visit our bank’s website, we usually first look for the most recognizable features: company name, logo and the familiar layout of the page. All of these features tip us off that we’re in the right place. Instead of applying a more critical eye, we quickly compare what we see to what we expect. When those basic expectations are confirmed, we click ahead.

Every day, hackers create malicious copies of legitimate websites and emails to steal our private credentials. These digital fakes don’t need to be perfect copies either, just close enough to match our expectations. That’s why it’s best to avoid clicking email links to common websites and instead use a browser bookmark so you always know you’re in the right place.

Even a worm will turn

Worms are actually a subclass of virus, so they share characteristics. They also are passed through files like attachments or website links, but have the ability to self-replicate. Worms can clone and transmit themselves to thousands of other computers without any help from humans. Consequently, worms tend to spread exponentially faster than viruses.

Worms have this viral superpower in part because they don’t rely on a host file like a virus. While viruses use these files and programs to run, worms only need them as disguises to sneakily wiggle into your computer. After that, the worm runs the show. No more host files or social engineering required.

How to protect yourself

Even though worms and viruses are different, you take similar precautions to avoid them.

Avoid opening unfamiliar messages and attachments

Social engineering is powerful and preys on our assumptions and familiarity, but you can fight it by paying more attention to your online interactions. Inspect emails closely. Phishing emails usually have telltale signs they’re scams. Most importantly, never open an email attachment from an unknown source. If you can’t confirm the source, delete the attachment. One moment of satisfying your curiosity isn’t worth the risk.

Avoid non-secure web pages

Non-secure websites don’t encrypt how they talk to your browser like secure ones do. It’s easy to identify websites that are non-secure. They start with HTTP in their URL address. Try to visit only secure sites that start with HTTPS. The ‘s’ stands for ‘secure’. Browser plugins like HTTPS Everywhere can make searching only HTTPS sites easier.

Update your operating systems

Hackers love to find security holes in operating systems like Windows. It’s a game of cat and mouse played with software engineers who constantly test, identify and patch ways of infiltrating their own software. The result of their efforts is the security update. Updating your OS applies those patches as soon as they’re released, increasing your protection level. Set your system to auto-update.

Be picky about your programs

Like operating systems, individual apps on your devices also need updating – and for the same reason. Aside from updating them, you should also decide whether you even need them at all. Remember, viruses need host files and programs for execution and disguise. Decide whether you actually need the app, or if you already have it, how often you use it. The more apps you have, the more updates. The more updates, the more opportunities for a security breach or infection.

A couple of programs you will want to give special attention to are Adobe Flash and Acrobat Reader. Both are popular targets for cyber criminals. If you don’t use them, uninstall them.

Get antivirus protection

The easiest and most effective action you can take to protect yourself from worms and viruses is to get a total antivirus protection plan. Antivirus software can’t be manipulated by social engineering tricks. It never assumes anything. It scans every file you open and every program you run for viruses and worms. Good ones do this in real time.

Every worm and virus discovered gets assigned a ‘signature’, a unique indicator that says “this is a virus!” Antivirus software keeps a list of those signatures and compares them to all of the data coming through your system.
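The signature list described above, together with the detection-rate and false-positive trade-off from the first article, as an added example (not from the original articles or any vendor's product). All sample bytes and signature names are constructed and harmless, and `SignatureDB` is a hypothetical toy class:

```python
import hashlib

# Constructed, harmless byte strings standing in for files (assumption: none
# of these are real malware or real vendor signatures).
KNOWN_BAD = b"MZ..stub..DEMO-WORM-BODY-v1..end"
MODIFIED_BAD = KNOWN_BAD + b"\x00"            # same body, one byte appended
NEW_STRAIN = b"MZ..stub..DEMO-WORM-BODY-v2..end"
CLEAN_APP = b"MZ..stub..accounting-app..end"


class SignatureDB:
    """Toy signature list: exact SHA-256 hashes plus byte patterns."""

    def __init__(self):
        self.hashes = {}     # sha256 hex digest -> signature name
        self.patterns = {}   # signature name -> byte sequence

    def add_hash(self, name, sample):
        self.hashes[hashlib.sha256(sample).hexdigest()] = name

    def add_pattern(self, name, pattern):
        self.patterns[name] = pattern

    def scan(self, data):
        """Return the matching signature name, or None if nothing matches."""
        name = self.hashes.get(hashlib.sha256(data).hexdigest())
        if name:
            return name
        for name, pattern in self.patterns.items():
            if pattern in data:
                return name
        return None


def rates(db, malicious, clean):
    """Detection rate and false positive rate over labelled samples."""
    detected = sum(1 for f in malicious if db.scan(f))
    false_pos = sum(1 for f in clean if db.scan(f))
    return detected / len(malicious), false_pos / len(clean)


def build_databases():
    # 1) Only the exact file seen before: any changed copy slips through.
    hash_only = SignatureDB()
    hash_only.add_hash("Demo.Worm.A", KNOWN_BAD)

    # 2) Hash plus a pattern specific to the family: variants are caught.
    with_pattern = SignatureDB()
    with_pattern.add_hash("Demo.Worm.A", KNOWN_BAD)
    with_pattern.add_pattern("Demo.Worm.gen", b"DEMO-WORM-BODY")

    # 3) Overly aggressive pattern: catches everything, clean files included.
    too_broad = SignatureDB()
    too_broad.add_pattern("Demo.Overbroad", b"MZ..stub")
    return hash_only, with_pattern, too_broad


if __name__ == "__main__":
    malicious = [KNOWN_BAD, MODIFIED_BAD, NEW_STRAIN]
    clean = [CLEAN_APP]
    labels = ("hash only", "hash + pattern", "too broad")
    for label, db in zip(labels, build_databases()):
        det, fp = rates(db, malicious, clean)
        print(f"{label:15} detection={det:.0%} false positives={fp:.0%}")
```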

You now understand the differences between worms and viruses, how they spread and where they hide. Be more critical the next time you open an unfamiliar email or visit a familiar website. Following these tips and getting antivirus software is the best way to avoid malware.


The post Worms vs. Viruses: What’s the difference? appeared first on Panda Security Mediacenter.


The modern Wild West’s guide to mobile malware


Smartphones are mobile – which is precisely why we spend so much time with them instead of our more stationary computers. We do surfing, mobile banking, shopping, chatting – even watching advertisements. In fact, just about everything we do online is now done on the go with our smartphones. This huge amount of face time […]

The post The modern Wild West’s guide to mobile malware appeared first on Avira Blog.


Is Roblox Safe for Your Kid?

The internet continues to create conflicts for parents who want to give their children the benefits it provides without exposing them to the dangers it harbors. Online video games are part of that struggle. Staying up-to-date on safety issues helps parents better negotiate the benefits and costs of online gaming.

Parents want to provide their children with the tools for expanding their imaginations. Once it was the humble Lincoln Log set. Now it’s user-generated, multi-platform, immersive online gaming systems. With games like Roblox, kids now have the power to build any world they can imagine and socialize with other players from around the world.

Roblox touts 64 million active players every month, who log on to “create adventures, play games, roleplay, and learn with friends.”

Children put in hundreds of hours playing games like Roblox, and they’re emotionally connected to their accounts — to a level many adults may not consider. When a child’s account is stolen, they’ve lost more than just their username and password; they’ve given up the worlds they’ve built, the items they collected, the avatars they’ve customized, the friends they’ve made and any future plans for the game. It can be devastating.

Given the power and creativity Roblox provides children, the company takes a proactive stance to protect their players from inappropriate content, online hackers, cyber thieves and other internet dangers. Roblox provides resources like in-game moderators, parental guides and content controls to help parents. However, it’s impossible to monitor the activity of so many players.

Hackers can steal player accounts or infect computers with malware, but knowing the common safety issues will help you keep your devices safe and your child’s imagination on track.

Can you get a virus from Roblox?

It’s impossible to get a virus playing within the Roblox platform because the game doesn’t “permit, or have the functionality, to upload, retrieve, or otherwise disseminate harmful executables or malware via its platform,” says Brian Jaquet, the company’s Senior Public Relations Director.

However, while hackers can’t introduce a virus within the Roblox game, they can find ways to get kids to leave the platform where infection or account theft is possible.

Phishing attacks

Pop-up ads or chat links offering free Robux or custom items can lure children to fake phishing websites designed to infect your computer or steal your child’s Roblox account. It’s similar to how phishing attacks work on YouTube. Roblox hackers entice users away from the game with promises of free gifts or Robux, the platform’s in-game currency, if they click a link within a chat message or pop-up ad.

While on a malicious website, hackers trick users into downloading an executable program having an .exe extension. Once opened, the program infects the computer with malware designed to steal data, which can include your banking information and passwords.

Stolen Passwords

Phishing attacks can also steal Roblox accounts while on fake websites. Players are prompted to login with their Roblox username and password with promises of free Robux. Their information is then saved and can be used to steal their password. The image below is from a phishing website.

The Roblox community rules clearly state players are forbidden to “sell, trade or give away Robux, digital goods or game codes except through official channels on the Roblox platform.” Players can buy and sell game items, but only as Builders Club members. Sharing outside programs on the Roblox site is not allowed, but it does happen.


Hackers can also steal from players while on the Roblox platform. These scams commonly use pop-up ads promising free items, but instead of a new weapon or t-shirt, players get their Robux stolen or accounts hijacked.

Fake maintenance

The so-called “Fake Maintenance Scam” is a phony graphic user interface (GUI) that tells users the site is “undergoing maintenance”. The scam is effective because it tricks players into giving away their login information. Younger or newer players, upset at their game’s interruption, are more likely to sign back in without questioning the GUI’s authenticity.

Here are some maintenance guidelines to help children identify when Roblox is actually undergoing maintenance:

  • An orange banner (see above) will appear on the Roblox website warning you before maintenance begins.
  • When the banner changes to red, you won’t be able to play Roblox until maintenance is finished.
  • Maintenance usually occurs when you’re asleep or at school.
  • Roblox will never ask for your username and password anywhere except the home page.


Scammers can use “bots” to make money from Roblox players. Bots are automated programs that perform a specific set of tasks. On Roblox, the most common bot task is to create a fake account and message players, asking them to visit a website to get free Robux.

Hackers released thousands of bots or a “botnet” during the 2017 Group Wall Scam. The botnet was sending thousands of players to a monetized YouTube video to increase its number of views.

How to prevent attacks

Here are some ways to keep your little Roblox players and their devices safe.

Enable two-step verification

Two-step verification adds an extra layer of security to your child’s account by requiring an extra step to prove your identity. Any time your child signs in on a new device, Roblox will require you to enter a six-digit security code. For your child’s account, use a secure email address only you can access. Anyone trying to change the account’s password will need that security code.

Create a strong password

Even without phishing scams and fake GUIs, hackers have ways of guessing your child’s passwords using software. Teach your child that they should never write down their password or share it with anyone except you. Follow password creation guidelines to help them build a strong password that’s easy to remember.

Sign out when on shared devices

If your child plays Roblox on multiple devices, like a friend’s or a school’s computer, remind them to sign out of their account when they’re done. It’s easy for others to access accounts when they’re simply left open in a browser.

Check the link before you click

You never want your child going to another website from the Roblox platform. If they do, they’re probably somewhere they shouldn’t be. Help them understand that URLs are an address for websites, like the one where they live. Just like they need to make sure they’re getting off the bus at the right stop, they need to check to make sure they’re on the right web address. For the Roblox website, they can look for the roblox.com address in the browser’s address bar. For example: https://en.help.roblox.com.
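The address check described above, written out as an added example (not from the original article). The helper `check_link` is hypothetical, and the `.example` hosts are constructed samples that show why the name has to be at the end of the host, not just somewhere in the link:

```python
from urllib.parse import urlsplit

# Assumption for this example: roblox.com is the only domain the player
# should ever sign in on (taken from the article's own advice).
TRUSTED_DOMAIN = "roblox.com"


def check_link(url, trusted=TRUSTED_DOMAIN):
    """Return (ok, reason) for a link a player is about to follow."""
    try:
        parts = urlsplit(url.strip())
        host = (parts.hostname or "").rstrip(".").lower()
        user = parts.username
    except ValueError:
        return False, "malformed address"
    if parts.scheme.lower() != "https":
        return False, "not an https:// address"
    if not host:
        return False, "no host name"
    if user is not None:
        # Everything before '@' is a login name, not the site being visited.
        return False, "text before '@' is not the site; real host is " + host
    # The trusted name must be the whole host or its final labels.
    if host == trusted or host.endswith("." + trusted):
        return True, "host is " + host
    if trusted in host:
        return False, "trusted name is buried inside another domain: " + host
    return False, "different site: " + host


# Constructed sample links (the .example hosts are reserved test names).
SAMPLES = [
    "https://en.help.roblox.com",
    "https://www.roblox.com/login",
    "http://www.roblox.com/login",
    "https://roblox.com.free-robux.example/login",
    "https://roblox.com@free-robux.example/login",
    "https://free-robux.example/roblox.com/login",
    "roblox.com/login",
]


def review(links=SAMPLES):
    """Check every link and return (link, ok, reason) tuples."""
    return [(link, *check_link(link)) for link in links]


if __name__ == "__main__":
    for link, ok, reason in review():
        print(("OK   " if ok else "STOP ") + link + "  (" + reason + ")")
```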

Set messaging and chat to “Friends”

Control who can communicate with your child through the account’s privacy settings. In the “Privacy” settings tab, users can control who can chat, message, invite and join them in the game. Restrict contact to “Friends” to keep your kid’s interactions safer. They’ll be less likely to encounter a malware link. However, you will still need to manage who their “Friends” are to keep the group safe.

If your child is part of the Builders Club, they can set their group to “Private” to keep out scammers.

Report Abuse and Scammers

Roblox employs moderators to monitor content, blocking inappropriate ads and warning players of scams. But with the game’s large number of users, player interactions, trading systems and user-generated content, it’s challenging to monitor everything.

Encourage your children to report any inappropriate behavior or scams. Roblox makes it easy for them to report others for a variety of abuses, from cyberbullying to posting offsite links. Tell them to find a grown up — either you or a moderator — if they have a bad feeling.

Free lunches

Use Roblox to teach your kids that there’s no such thing as a free lunch. If something sounds too good to be true, it probably is. If someone is offering free Robux or the customized avatar t-shirt they’ve been wanting for weeks, it’s 99.9 percent likely to be a scam. The official Roblox trading system has specific rules to follow for exchanging items.

Download a good antivirus software

Antivirus software will protect your devices from getting infected by viruses or eliminate them if they do. There’s no substitute for vigilance, but downloading antivirus software can eliminate the stress and worry that comes with the combination of children, the internet and digital devices.

As a parent, the last thing you want is to have your child’s social and creative Roblox experience end up as a bad memory. There’s more at stake than just a video game. Friends, digital worlds and hours of play can be stolen alongside usernames and passwords. Taking a little time to educate your kids about the real world can go a long way in keeping their digital one safe.

The post Is Roblox Safe for Your Kid? appeared first on Panda Security Mediacenter.


Kaspersky: NSA Worker’s Computer Was Already Infected With Malware


Refuting allegations that its anti-virus product helped Russian spies steal classified files from an NSA employee’s laptop, Kaspersky Lab has released more findings that suggest the computer in question may have been infected with malware.

Moscow-based cyber security firm Kaspersky Lab on Thursday published the results of its own internal investigation claiming the NSA worker who took classified documents home had a personal home computer overwhelmed with malware.

According to the latest Kaspersky report, the telemetry data its antivirus collected from the NSA staffer’s home computer contained large amounts of malware files which acted as a backdoor to the PC.

The report also provided more details about the malicious backdoor that infected the NSA worker’s computer when he installed a pirated version of Microsoft Office 2013 .ISO containing the Mokes backdoor, also known as Smoke Loader.

Backdoor On NSA Worker’s PC May Have Helped Other Hackers Steal Classified Documents

This backdoor could have allowed other hackers to steal classified documents and hacking tools belonging to the NSA from the machine of the employee, who worked for the Tailored Access Operations (TAO) group of hackers at the agency.

For those unaware, the United States has banned Kaspersky antivirus software from all of its government computers over suspicion of Kaspersky’s involvement with the Russian intelligence agency and spying fears.

Though there’s no substantial evidence yet available, an article published by US news agency WSJ last month claimed that Kaspersky Antivirus helped Russian government hackers steal highly classified documents and hacking tools belonging to the NSA in 2015 from a staffer’s home PC.

However, the article, which quoted multiple anonymous sources, failed to provide any solid evidence to prove whether Kaspersky was intentionally involved with the Russian spies or whether some hackers simply exploited a zero-day bug in the antivirus product.

Kaspersky stands by its claim that its antivirus software detected and collected the NSA classified files as part of its normal functionality, and has rigorously denied allegations that it passed those documents on to the Russian government.

Now, the recent report published by the anti-virus firm said that between September 11, 2014, and November 17, 2014, Kaspersky Lab servers received confidential NSA materials multiple times from a poorly secured computer located in the United States.

The company’s antivirus software, which was installed on the employee’s PC, discovered that the files contained malware used by Equation Group, a 14-year-old elite NSA hacking group that was exposed by Kaspersky in 2015.

Kaspersky Claims it Deleted All NSA Classified Files

Besides confidential material, the software also collected 121 separate malware samples (including a backdoor) which were not related to the Equation Group.

The report also insists that the company deleted all classified documents once one of its analysts realized that the antivirus had collected more than malicious binaries. Also, the company then created a special software tweak, preventing those files from being downloaded again.

“The reason we deleted those files and will delete similar ones in the future is two-fold; we do not need anything other than malware binaries to improve protection of our customers and secondly, because of concerns regarding the handling of potential classified materials,” the Kaspersky Lab report reads.

“Assuming that the markings were real, such information cannot and will not [be] consumed even to produce detection signatures based on descriptions.”

Trojan Discovered on NSA Worker’s Computer

The backdoor discovered on the NSA staffer’s PC was actually a Trojan, which was later identified as “Smoke Bot” or “Smoke Loader” and allegedly created by a Russian criminal hacker in 2011. It had also been advertised on Russian underground forums.

Interestingly, this Trojan communicated with the command and control servers apparently set up by a Chinese individual going by the name “Zhou Lou,” using the e-mail address “zhoulu823@gmail.com.”

Since executing the malware would not have been possible with the Kaspersky antivirus enabled, the staffer must have disabled the antivirus software to do so.

“Given that system owner’s potential clearance level, the user could have been a prime target of nation states,” the Kaspersky report reads. 

“Adding the user’s apparent need for cracked versions of Windows and Office, poor security practices, and improper handling of what appeared to be classified materials, it is possible that the user could have leaked information to many hands.”

More details on the backdoor can be found here.

For now, the Kaspersky anti-virus software has been banned by the U.S. Department of Homeland Security (DHS) from all of its government computers.

In the wake of this incident, Kaspersky Lab has recently launched a new transparency initiative that involves giving partners access to its antivirus source code and paying large bug bounties for security issues discovered in its products.