Israeli spies found Russians using antivirus software for hacks: Reports

Israeli intelligence officials spying on Russian government hackers found they were using antivirus software that is also used by 400 million people globally, including US government agencies, according to media reports on Tuesday.

The Israeli officials who had hacked into the network of Russian internet security giant, Kaspersky Lab, over two years ago then warned their US counterparts of the Russian intrusion, said The New York Times, which first reported the story. 

That led to a decision in Washington only last month to order Kaspersky software removed from government computers.

The Washington Post also reported on Tuesday that the Israeli spies had also found in Kaspersky's network hacking tools that could only have come from the US National Security Agency. 

After an investigation, the NSA found that those tools were in possession of the Russian government, the Post said.

And late last month, the US National Intelligence Council completed a classified report that it shared with NATO allies concluding that Russia's FSB intelligence service had "probable access" to Kaspersky customer databases and source code, the Post reported.

That access, it concluded, could help enable cyber attacks against US government, commercial and industrial control networks, the Post reported.

Extent of hack unknown

The New York Times said the Russian operation, according to multiple people briefed on the matter, is known to have stolen classified documents from a National Security Agency employee who had improperly stored them on his home computer, which had Kaspersky antivirus software installed on it.

It is not yet publicly known what other US secrets the Russian hackers may have discovered by turning the Kaspersky software into a sort of Google search for sensitive information, the Times said.

The current and former government officials who described the episode spoke about it on condition of anonymity because of classification rules, the Times said.

The newspaper said the National Security Agency and the White House declined to comment, as did the Israeli Embassy, while the Russian Embassy did not respond to requests for comment.

The Russian embassy in Washington last month called the ban on Kaspersky Lab software "regrettable" and said it delayed the prospects of restoring bilateral ties.

Kaspersky Lab denied to the Times any knowledge of, or involvement in, the Russian hacking. “Kaspersky Lab has never helped, nor will help, any government in the world with its cyberespionage efforts,” the company said in a statement on Tuesday.

Eugene Kaspersky, the company's co-founder and chief executive, has repeatedly denied charges his company conducts espionage on behalf of the Russian government.

Kaspersky spokeswoman Sarah Kitsos told the Washington Post on Tuesday that “as a private company, Kaspersky Lab does not have inappropriate ties to any government, including Russia, and the only conclusion seems to be that Kaspersky Lab is caught in the middle of a geopolitical fight”. She said the company “does not possess any knowledge” of Israel’s hack, the Post said.

US intelligence agencies have concluded that Russian President Vladimir Putin ordered a multipronged digital influence operation last year in an attempt to help Donald Trump win the White House, a charge Moscow denies.