Russian hackers had used Kaspersky software to identify classified files on the NSA contractor’s home computer, which they then stole, it said.
It later emerged Kaspersky had also copied files off the PC itself.
…On 11 September 2014, the company said, one of its products deployed on a home computer with an internet protocol (IP) address in Baltimore, Maryland – close to where the NSA is based – had reported what appeared to be variants of the malware used by the Equation Group.
…Soon after, the user had disabled the Kaspersky Lab anti-virus tool and downloaded and installed pirated software infected with another, separate form of malware.
…Kaspersky denies creating “signatures” specifically designed to search for top secret or classified material.
…And during this period the command-and-control servers of this malware were registered to what appeared to be a Chinese entity.
“Given that system owner’s potential clearance level, the user could have been a prime target of nation states,” the Kaspersky spokesman said.
US federal agencies have now been told to remove all Kaspersky software from their computers.