*shrug*
So far, no one has offered any evidence of anything. Pretty much on par with "Russians hax0red the elections" meaning they bought some ads and had paid trolls sling excrement. My best guess is Kaspersky didn't play ball on US state malware. This fits history. Stuxnet, Duqu, Flame, Gauss, Regin and the Equation Group. Other AV companies tried to softball it to the extent possible. Kaspersky didn't. Back in 2015, they found nation-state level malware on their internal network.
My personal take, and it is strictly opinion worth exactly what you paid for it, NSA is tired of spending a lot of time and effort on writing malware to have it added to updates and treated like any other virus. Direct pressure didn't work. Trying to hit Kaspersky's pocketbook might.
If Eugene Kaspersky leaves the company or dies, yeah, I'd stop using their software. Sadly, there's not many other top tier antiviruses out there. F-Secure is the only other one. It's less user friendly than even Kaspersky is. The rest are mid tier (Sophos, Symantec, Trend Micro) or bottom tier garage (ESET, AVG, etc).
Problem is, if you take out the top tier protection and leave the world's infrastructure protection in the hands of the mediocre, it's a real world thousand times worse off than even the random successful terrorism or rogue nation. NSA doesn't think like that. Better to burn dozens of bridges than get blamed for the next... whatever.
https://www.wired.com/2015/06/kaspersky-finds-new-nation-state-attack-network/If Kaspersky was a hostile entity, why give exploit information to Microsoft who will release a patch and close that loophole out for the entire world? Why not share them strictly with the FSB or other Russian agencies? Why openly PUBLISH attack vectors instead of profiting off it? If they're an arm of the Russian cyberwarfare complex, they're doing a remarkably bad job at it by notifying vendors of exploits and publishing methods used by nationstate level malware.