A free file hosting Mlfat4arab posted the source code of the product Kaspersky Lab »- Kaspersky Internet Security.
Rar-archive size of 182 MB of January 26, 2011 uploaded to the hosting user unknown, and at the time of this writing, the file has been downloaded 2071 times. The archive contains a collection of files with code written in C + + tool in Visual C, and assembly files.
Judging by the names of the folders in the archive, it contains the source code of the engine KLAVA, which is a work in Kaspersky Lab's entered the final phase in 2008, based on KLAVA all subsequent generations of the company's products, starting with the line in 2009, which appeared on the market autumn 2008
The experts of the Russian distributor of ESET (producer antivirus NOD32), had an opportunity to explore the leaked archive, told Chachava Alexander, president of Leta Group, which belongs to the distributor. According to him, specialists came to the conclusion that the archive contains parts of the kernel code in versions 2006 and 2007 Chachava believes that "hardly in their study of competitors and hackers will be able to learn some know-how, as a heuristic "Kaspersky Lab has changed since then."
Laid out on hosting the files into a full product can not collect, he said. However, they contain snapshots of the signatures of several viruses, in which hackers and competitors can understand the principles of Kaspersky Anti-Virus.
In the Kaspersky source confirmed the leakage, but assured members that it will not hurt them
According to Chachava, the main damage to the Kaspersky Lab's reputation by this incident will be, because despite the poor quality of the leak, this case can still be called unprecedented for a company that deals with security. Antivirus kernel - the cornerstone of any business's security company, and its source code, it tries to protect more than your financial records. "
Commenting on the source of the leak, Alexander Chachava thought about some dissatisfied developer Kaspersky Lab, which, after leaving the company posted the source at several private places. Probably, now the archive has emerged on the public file server.
Board member and director of competitive intelligence "Dialogue Science Andrei Masalovich told , that before it will appear in the public domain, leaked code was offered for sale on the black market, with the first proposal was in April 2009
He said that the web is easy to find documents of any anti-virus developer classified as "confidential", but it does not give rise to sound the alarm: companies which do not allow for such leakage is vanishingly small. However, the publication of the core anti-virus can be a serious problem for Internet security, because after the inclusion in the security programs of heuristic algorithms, the cyber-criminals and cyber spies have started a real hunt for their description.
Masalovich recalled that the largest-ever leak source was the publication of unauthorized code running Windows NT4 and Windows 2000 that Microsoft acknowledged in February 2004
In Kaspersky Lab recognized leak code that contains "a fragment of the obsolete version antivirus engine, which then was seriously modified and updated." The company developers current leakage associated with the incident that took place in early 2008
Press Office Laboratories reported, that "a former employee of the company at the time who had legitimate access to the source code of products in 2008, posted on the Internet announcement of its sale." After treatment of the law enforcement agencies guilty leaks was arrested and sentenced to 3 years imprisonment with a probation period of 3 years under Article 183 of the Criminal Code.
According to Kaspersky Lab, in November 2010, the same source code was published in several private forums.
Kaspersky Lab confirms that the incident poses no threat to safety of users of products, solutions and services company, explaining that the stolen code refers to an outdated product line. According to the company, in its innovative products is "a very small part" of the published code, which does not apply to protective functions. Additionally, Kaspersky Lab has warned that the source code of its products is protected by copyright, and posting on the Internet, downloading, distribution, or use the code without consent is illegal. "
