[samwillis]

This is interesting news but I think it's more about sanctions/politial pressure than an actual threat to general businesses and people.

Once a zero day or backdoor has been used its burnt forever, nation state intelligent services need to be incredibly careful about when and where they use them. If one was to be placed in a Kaspersky product and used, that's Kaspersky burnt as a business forever, and with it the ability to use it as a vector for high value targets. They are not going to use a backdoor in a Kaspersky product for a general attack on people and business, at least not at this point. Realistically any high value target in the west isn't using Kaspersky anyway.

[tuukkah]

> more about sanctions/politial pressure than an actual threat

I think this would be one of their hybrid warfare steps (well) before actually going nuclear.

[lozenge]

You seem to be assuming a lot of things, like that Kaspersky couldn't deploy certain updates to targeted customers? That malware will leave behind trails of how it got on the computer? That plausible deniability is impossible?

What happens when a definition update "reduces false positives" but actually lets in a Russian cyberweapon that is delivered independently?