[acqq]

Thanks. There is however:

"Investigators did determine that, armed with the knowledge that Kaspersky’s software provided of what files were suspected on the contractor’s PC, hackers working for Russia homed in on the machine and obtained a large amount of information, said the people familiar with the matter."

But that sounds very implausible, which entry would "the hackers" use? Note that nobody claims that Kaspersky did that "obtaining" that way (by hacking). But it appears to me that Kaspersky software simply first detected suspicious files and then also send them to the servers, which is what the software of most antivirus vendors does. And then the "hackers" story was invented to make it more dramatic. That better fits with the story of the NSA trojan files found on Kaspersky servers by the Israeli, as they hacked Kaspersky.

[ganoushoreilly]

The implications may be that the FSB provided specific signatures for them to look for, they came back when they popped up on a machine located at this contractors house, then further assessments were performed. In context that’s not far fetched at all.

[acqq]

How do you think FSB "came back" to the machine of the NSA malware developer who's in the USA? I think that's exactly what is not plausible. He surely isn't going to open a trojan named isthatyou.jpg.exe in the e-mail sent by them to him. He actually made such stuff (trojans or something) himself as he let Kaspersky's software automatically collect the sample of his "work in progress." Now the unnamed government sources "leak" this as a case of apparent "Russian hackers" whereas the only known hackers in the story are the NSA and the Israel's hackers who hacked the office computers of Kaspersky. Kaspersky's software just did what other antivirus software does too.