Kaspersky: "We have never been asked to whitelist malware"

Kaspersky's Global Research and Analysis Team has denied being asked by a company or government entity to whitelist or stop detecting malware.

The company decided to clear up some rumours about it caving in to external pressures when it explained how it came to uncover the Regin malware, saying the reason it took so long to detect was because finding out the impact and intricacies of malware is a complex, resource-heavy process and involves a lot of cooperation between different security firms.

"Without unlimited resources and the fact that we're tracking multiple APT actors simultaneously (Careto/Mask, EpicTurla, Darkhotel, Miniduke/Cosmicduke, to name a few), this becomes a process that takes months, even years, to gain a full understanding of a cyber-operation," Kaspersky said.

"While some of the Regin samples got on our radar early and we continued to find additional samples and artifacts during the research, we are convinced there are others that are currently unknown and undiscovered," the company said in a blog post.

Regin has been in operation since 2008, Symantec revealed last month and has already been implicated in attacks by governments against large companies, the majority of which are situated in in Russia, Saudia Arabia, Mexico and Ireland. It believes the attack mechanism could have been used by a Western country with sufficient development resources.

"At Kaspersky Lab, we are processing hundreds of thousands of samples every day," Kaspersky said.

"The art of figuring out which ones are significant and further yet which ones belong together as part of a big APT attack is akin to finding needles in a huge haystack and then figuring out which ones belong to the same knitting set. We are grateful for every needle we discover, because this makes the world a little safer."