What the CIA thinks of your anti-virus program

PARIS — Peppering the 8,000 pages of purported Central Intelligence Agency hacking data released Tuesday by WikiLeaks are reviews of some of the world's most popular anti-virus products.

The hackers are quoted taking potshots at anti-virus firms, suggesting the American intelligence agencies are keenly aware of flaws in the products meant to be keeping us all safe online.

The data published by WikiLeaks isn't systematic enough to draw firm conclusions about the reliability of one product or another and the uncertain dating means the CIA's critiques provide more of a snapshot than an overview.

Still, the posts show America's top cyberspies aren't always flattering about commonly used security software.



The CIA appears to give mixed praise to the anti-virus solution by Comodo, the self-described "global leader in cyber security solutions."

One post by an apparent CIA hacker published by WikiLeaks said Comodo is "a colossal pain in the posterior. It literally catches everything until you tell it not to."

Just don't upgrade to Comodo 6.

That version "doesn't catch nearly as much stuff," the hacker appears to say, describing a particularly glaring vulnerability as a "Gaping Hole of DOOM."

Melih Abdulhayoglu, Comodo's chief executive, emphasized the first part of the post, saying that being called a pain by the CIA was "a badge of honor we will wear proudly." In a statement, he said that the vulnerability described by the CIA was obsolete. Comodo 6 was released in 2013; Comodo 10 was released in January.



This is one of the world's leading providers of security protection. But it may not keep you safe from the CIA.

A flaw in the code "enables us to bypass Kaspersky's protections," according to another post.

Founder Eugene Kaspersky dismissed the comment, saying in a Twitter message that the flaw identified in the CIA leak was fixed "years ago."

A statement from his company said a second flaw apparently identified by the agency was fixed in December 2015.



A CIA hacker appears to say that this German-engineered anti-virus product is "typically easy to evade."

The firm said in a statement that it had fixed what it described as "a minor vulnerability" within a few hours of the WikiLeaks release.

It added that it had no evidence that any of its users had been affected by the bug.



The CIA apparently had a trick to defeat AVG that was "totally sweet."

Ondrej Vlcek, the chief technology officer for AVG's owner, Netherlands-based Avast, said that the CIA appeared to be discussing a "theoretical bypass" of AVG's scanning engine which would have required additional work to successfully deploy as malicious software.

"We would not consider it critical," he said of the issue. Speaking via email, he added that it seemed the post was written "some time" ago.

"This is in fact not an issue today given the current operation of the AVG products," he said.



One CIA hacker appeared to be particularly scathing about this Finnish firm's security software. It's a "lower tier product that causes us minimal difficulty," one apparent hacker said.

F-Secure noted that the company was described elsewhere, along with Avira, as an "annoying troublemaker." It said there was a broader point to be made about the CIA's apparent decision not to warn anti-virus companies about the flaws in their products.

The agency "considered it more important to keep everybody unsecure ... and maybe use the vulnerability for its own purposes or counter terrorism purposes," F-Secure's chief research officer Mikko Hypponen said in a statement.



The posts aren't complete enough to say for sure, but Bitdefender, a Romanian anti-virus product, seemed to cause CIA hackers a lot of trouble.

One post appears to suggest that Bitdefender could be defeated by a bit of tinkering.

Or maybe not.

"Alas, we've just tried this," a response to the post said. "Bitdefender is still mad."

Bitdefender representative Marius Buterchi said the only conclusion to draw was that "we are detecting the CIA tools."


This story has been corrected to show that the last name of Bitdefender's representative is Buterchi.


Meg Kinnard in Columbia, South Carolina, contributed to this report.



WikiLeaks' release: https://wikileaks.org/ciav7p1/


Raphael Satter is reachable on: http://raphaelsatter.com
