GCHQ and NSA broke antivirus software so that they could spy on people, leaks indicate

The British and American spy agencies deliberately broke anti-virus software so that they could read the messages of their citizens, according to new leaks.

Both the NSA and GCHQ have long been said to have deliberately reversed engineer software so that they could find weaknesses in software and exploit them to read communications. But new documents show that the agencies did so to some of the most popular antivirus software, potentially exposing hundreds of millions of people to dangerous viruses, according to a report from The Intercept.

The agencies reverse engineered Kaspersky antivirus software so that they could see how it worked and ensure that it didn’t keep them from looking through computers, according to the report. They also looked through emails that had been sent to the company flagging up viruses and vulnerabilities, the Intercept reported.

Antivirus software picks up dangerous code of various kinds, including malware that looks what people are typing and doing that is often made by states as well as criminals. Attacking such software may have allowed the agencies to keep it from recognising threats from governments, as well as exploiting known vulnerabilities to get in.

Software like Kaspersky also runs with higher privileges on a computer — because it must have access to the whole system to ensure that it is kept safe, another person like a criminal or a government having access to it could use that to infiltrate the computer at a deep and dangerous level.

GCHQ obtained a warrant for the reverse engineering because it might otherwise be considered “unlawful”, according to The Intercept, which saw the details of the request for permission in files leaked by Edward Snowden. The Intercept says that the warrant is “legally questionable on several grounds”.