Supposedly Kaspersky Labs used its anti-virus software to steal stuff from customers computers, and this included a treasure trove of NSA hacking tools. The Intercept has written a very deep dive into the technical issues, demonstrating that perhaps Russian Intelligence services instead hijacked Kaspersky's software. Regardless, the discussion shows some disturbing things about how anti-virus software works, and demonstrates that anti-virus software companies have the ability to steal anything from any computer running their software. This makes me even more glad I don't run Windows.
A few months ago the USA Government banned the use of Kaspersky anti-virus software, Best Buy yanked it from their stores and from the computers it sells, etc. Reportedly Kaspersky Labs siphoned a bunch of hacking tools from an NSA employee computer. This involved Kaspersky Labs programming their software to search for specific terms, top-secret NSA programs and the like, and then targeting computers belonging to specific people at the NSA, in order to steal the tools. And -- regardless of whether Kaspersky did it, or whether Russian Intelligence hijacked Kaspersky, that sentence should have sent a chill up your spine. Every anti-virus software maker has the ability to search any computer, and upload any file on any computer. That capability is baked into anti-virus software for legitimate reasons, but could be misused.