Chinese cybersecurity firm Antiy Labs denounced reported targeting by the United States and Britain on Thursday, saying the practice is "despicable".
The Intercept, an investigative news site, reported this week that the U.S. National Security Agency (NSA) and British Government Communications Headquarters (GCHQ) had reverse engineered software, sometimes under questionable legal authority, and monitored web and email traffic. The report alleged that the move aimed to thwart anti-virus software and obtain intelligence from companies about security software and users of such software, citing documents from NSA whistleblower Edward Snowden.
The Intercept reported that the NSA targeted foreign anti-virus companies to monitor their email traffic for reports of new vulnerabilities and malware, in a project called Camberdada.
An NSA presentation, cited by The Intercept, listed nearly two dozen antivirus companies as "More Targets!", including Chinese security firm Antiy Labs. Notably omitted are the American anti-virus brands McAfee and Symantec and the British company Sophos.
Antiy said in a statement that the monitoring of email traffic - computer users' reports of potential malware - from cybersecurity firms to gain an advantage was "despicable".
In years of combating malicious code, cybersecurity firms across the globe have established an industry-wide understanding and cooperation mechanism by which they share information, and jointly respond to threats, according to Antiy, but this reported targeting of certain firms would undermine trust within the industry and threaten future cooperations.
Founded in 2000, Antiy is headquartered in northeast China's Heilongjiang Province. It claims to have first found famous malware like CodeRed II and Dvldr, and also published insights on others including Stuxnet, which reports said was being used as a cyberweapon.