Kaspersky Labs based on its investigation has accused the Pirated Software of Microsoft the reason for the recent NSA Hack. The NSA hack resulted in several documents being stolen from the targeted computer.
Earlier reports accused Kaspersky’s antivirus software which was running on the NSA worker’s home computer to be the reason behind the Russian spies to access the machine and steal important documents which belonged to NSA hacking unit, Equation Group.
The Kaspersky report claims that the internal forensic analysis confirms that the attack was successful and had taken place between September and November 2014 and not 2015 as was revealed in the media documents.
The cyberattack which led to the source code for Equation Group malware to be stolen was added due to the pirated Microsoft Office Software which was downloaded and installed using a key generator and manually disabling the Antivirus software installed on the computer.
The company says: “The illegal activation tool contained within the Office ISO was infected with malware. The user was infected with this malware for an unspecified period while the Kaspersky Lab product was inactive. The malware consisted of a full-blown backdoor which could have allowed other third-parties to access the user’s machine.”
Once the Antivirus software was re enabled the malware was detected as a 7ZIP archive file and some of the NSA files ended up on its servers. This detection took place on October 4, 2014.
After the detection of the infected file Backdoor.Win32.Mokes.hvl, Kaspersky uploaded the file for further analysis as per its company policy and once the classified docs were discovered the infected file was deleted.