The NSA has been hacking popular Anti-Virus software for years -and that isn’t the scary part.–PC Pitstop
Anti-Virus Software Making You More Vulnerable?
by Bob Rankin
According to new documents released by Edward Snowden, the NSA and its British counterpart have, for several years, been hacking away at popular consumer security programs in order to subvert their protections. Read on to find out if your anti-virus protection is actually the WEAKEST link in your security chain…
The Weakest Link?
Snowden’s latest bombshell that government spy agencies may be targeting and subverting the very software we rely on to secure our computers is unwelcome news. But this disturbing revelation has led to another.
At least one security researcher claims that the software millions depend upon to protect them from hackers is actually more vulnerable to hacking than notorious hacker targets such as Adobe Reader, Microsoft Word, Google Chrome, and others.
The leaked documents include NSA internal communications and correspondences with the UK’s Government Communications Headquarters (GCHQ). They reveal that the spy agencies have long sought to reverse-engineer Kaspersky Lab’s Internet Security suite and other widely used anti-malware/anti-hacking products. Kaspersky alone claims more than 270,000 corporate clients and 400 million individual users worldwide.
Besides reverse-engineering, the spy agencies have eavesdropped on communications between installed copies of security programs and their developers, gleaning intelligence from the malware reports and error messages that these programs send home. They’ve also intercepted customer support emails between security software vendors and corporate clients that could aid in subverting security software.
Security software is an especially valuable target to hackers because such products typically have high-level privileges on the host machine. If a hacker can infiltrate a security product, he usually gets instant control over the entire system in just one fell swoop. Hacking a less-privileged program may require additional steps to gain the desired access privileges.