What if the antivirus program transforms as the spying tool?

Kimmo Huosionmaa

Is Kaspersky's antivirus software a spying tool for the Russian intelligence is the very good question. If some antivirus- or firewall software has been used as the spying tool, the results could harm the national security. When we are talking about the use of an antivirus or any other security program as the spying tool, that will give change to the attacker to monitor all data, that goes between the computer and the Internet. But how to modify those extremely safe programs as the spying tool?


The best way is to make the "trojan horse", what just looks like that security program. In this scenario, the hackers just make their own software, what has the same kind of icons than the real antivirus program has, and then they must just route the net traffic to their own server. And then they have full access to any data, what is on that computer. Another way is to put the computer virus or spying program to the router, but the problem of that is that device's operating system is normally Linux, what makes the slipping that tool in the system quite difficult. Making the programs for Linux is different than making them for Windows, but if the monitoring tool can be set in the router, the hackers can monitor all data, what goes thru this device.


The problem of those hackers is that if too many persons will download that program, they would get so much data, that it becomes useless, and in the nastiest scenarios they will send the "sale offers" to the targetted persons, and in this case those persons will pay for those programs, what will steal their personal pictures and other data, what they wanted to keep secrecy.


That most advanced malware software might be stolen from the NSA (National Security Agency) or some other information security authority. Those tools were the national secret, but somebody copied the editors in their USB-stick and then those persons just walked away from Fort Meade. That software has been used to create computer monitor tools, what became public in the case, where the Iranian nuclear program have been monitored. And that software has probably been sold to the Russian intelligence and probably the criminals also have their copies of that complicated software.


But if the person is the good coder, can the necessary programming tools downloaded from the Internet. And in this scenario, the hacker will make the package, what looks like the update package for the antivirus software. This action bases that the antivirus tools must be updated simultaneously, that they can be effectively detected the malware. And if the computer virus will strike in the antivirus software, that might open the back gate to the system, and then all data can be stolen. Then the hackers might cover their crime by destroying the data system by the virus what forces to reinstall the system again, and if the backups were not made, the databases and evidence of the data crime would be stolen forever.