US, UK spies said to attack security software

Spies targeted Kaspersky Lab by reverse engineering its software, said a report in The Intercept

• The efforts, revealed through documents leaked by former NSA contractor Edward Snowden, focused on vendors, including Moscow-based security software developer Kaspersky Lab, which claims more than 400 million customers worldwide.

The NSA and the U.K.-based Government Communications Headquarters monitored web and email traffic between Kaspersky's software and its servers, the report said, and obtained sensitive customer information in the process.
The spies sought to reverse-engineer Kaspersky's software, and according to a warrant renewal request published by The Intercept, the British spy agency saw Kaspersky's software as a barrier to its intelligence gathering processes and needed to reverse-engineer the software to find ways to get around it.
The warrant was designed to give the agency permission to reverse engineer the software, though the report published in The Intercept questioned its legality.
A spokeswoman for Kaspersky said the vendor was closely reviewing the information disclosed in the report to assess the potential level of risk it may post to its infrastructure.