In October 2017, Kaspersky Lab initiated a thorough review of our telemetry logs in relation to alleged 2015 incidents described in the media. We were aware only of one single incident that happened in 2014 during an APT investigation when our detection subsystems caught what appeared to be Equation malware source code files and decided to check if there were any similar incidents. Additionally, we decided to investigate if there were any third party intrusions in our systems besides Duqu 2.0 at the time of this alleged 2015 incident.
We have performed a deep investigation associated with the case from 2014 and preliminary results of this investigation revealed the following:
We believe the above is an accurate analysis of this incident from 2014. The investigation is still ongoing, and the company will provide additional technical information as it becomes available. We are planning to share full information about this incident, including all technical details with a trusted third party as part of our Global Transparency Initiative for cross-verification.