Kasperskys anti-virus source code leaks to torrent sites

The popular Kaspersky Anti-Virus suite appears to have had its source code leaked online to torrent and file sharing sites. According to the description of the leak, the source code was stolen from the Kaspersky labs back in 2008 by a former employee who, according to Softpedia, had access to the code. The former employee had originally offered to sell the source code on the black market, but was jailed for three years for stealing intellectual property. 

The stolen source code reveals information such as the anti-virus engine, anti-phishing, anti-dialer, anti-spam, parental control and other important modules for the anti-virus program. Kasperky states that none of the source code that has leaked poses any threat to the security of its current desktop client. It contains only a portion of the program and since the release of the source code most of the core modules for the anti-virus program have all been updated or rewritten. Though the code is about three years old this would without doubt be a valuable asset and inspiration for malware and virus programmers as Kaspersky holds about 5% of the anti-virus market share. 

Kaspersky has since contacted a website over the leak [Russian], but is yet to release a statement to the public on its website. It's rumored that Kaspersky actually knew about the leak of the source code, as far back as November last year.

Report a problem with article
Previous Story

Google to hold Android 3.0 preview event next Wednesday

Next Story

Rumor: Amazon rolling out Netflix-like service for Prime members

72 Comments

View more comments

Educated Idiot said,
Wow, that's a really embarrassing blow to Kaspersky. I use to respect them, but moved on to greener pastures when their software got "a little fat".

I hope this prick gets what's coming to him -- cold, hard time in the slammer.


Couldn't have said it any better myself...+1!

Educated Idiot said,
Wow, that's a really embarrassing blow to Kaspersky. I use to respect them, but moved on to greener pastures when their software got "a little fat".

I hope this prick gets what's coming to him -- cold, hard time in the slammer.


he got jailed in 2008 for ~3 years, its 2011 now and the sourcecode is widely available...
never had math? his slammer days are over.

Kaspersky's Firewall + Antivirus is top notch though. dare i say, the best around. surepised their market share is so low for such a good product.

This speaks more about Russia than it does about Kaspersky. As previously pointed out the country is full of hackers and corruption, is it the fault of Kaspersky?

NyaR said,
This speaks more about Russia than it does about Kaspersky. As previously pointed out the country is full of hackers and corruption, is it the fault of Kaspersky?

and the U.S isn't or any country for that matter

Best around? What exactly are you a "guru" at?

Kaspersky sucks!!! Always has .. always will! And this little incident just goes to show how much they suck. Intellectual property is something to be very very closely guarded. This kind of breach and subsequent leak is potentially lethal to a company that is, in essence, a small player in this field.

If they are players in a field where they are supposed to protect you, and yet can't protect themselves, then how can you trust them?

Just goes to show, internet/network security is not always about attacks from outside -- more often that not, it's rogue employees or sub-contractors.

So....who can you trust? You need a company with a solid product AND good ethical practice at managing people....it's a tough one!

i11usive said,
Best around? What exactly are you a "guru" at?

Kaspersky sucks!!! Always has .. always will! And this little incident just goes to show how much they suck. Intellectual property is something to be very very closely guarded. This kind of breach and subsequent leak is potentially lethal to a company that is, in essence, a small player in this field.

If they are players in a field where they are supposed to protect you, and yet can't protect themselves, then how can you trust them?

Just goes to show, internet/network security is not always about attacks from outside -- more often that not, it's rogue employees or sub-contractors.

So....who can you trust? You need a company with a solid product AND good ethical practice at managing people....it's a tough one!


than you could you say... and how to trust you? hmmm

point is they get a job @ walmart and see the amount of employee theft that goes on.

i11usive said,
Best around? What exactly are you a "guru" at?

Kaspersky sucks!!! Always has .. always will! And this little incident just goes to show how much they suck. Intellectual property is something to be very very closely guarded. This kind of breach and subsequent leak is potentially lethal to a company that is, in essence, a small player in this field.

If they are players in a field where they are supposed to protect you, and yet can't protect themselves, then how can you trust them?

Just goes to show, internet/network security is not always about attacks from outside -- more often that not, it's rogue employees or sub-contractors.

So....who can you trust? You need a company with a solid product AND good ethical practice at managing people....it's a tough one!

What do you expect them to do, a full body scan + cavity search of everyone entering/exiting their building?

Monitoring of all internet communications (actually most large companies probably do anyway)

If someone wants to steal something and has enough knowledge of the various security systems.etc in place they will find a way to do it.

It's not like they can ban all their employees from accessing the source-code some need to access it in order to do their job.

i11usive said,
Best around? What exactly are you a "guru" at?

Kaspersky sucks!!! Always has .. always will! And this little incident just goes to show how much they suck.


I guess you're stating your opinion and nothing else, right?

Any Stupid Employee that does stupid things like that deserves a harsh punishment, even being put in prison for say 25 years sounds about right, especialy if the company has dnd policy or any policy that states that you cannot do certain things like stealing source code, also companies should restrict access to source code to only a few select members but if it is FOSS then no such need.

WOW typical Neowin replies, Kaspersky sucks because of this incident. REALLY If an employee is DETERMINED enough to steal the code and then releases it in order to get PAYBACK, how is that Kaspersky's fault. THINK ABOUT IT.

Master1 said,
WOW typical Neowin replies, Kaspersky sucks because of this incident. REALLY If an employee is DETERMINED enough to steal the code and then releases it in order to get PAYBACK, how is that Kaspersky's fault. THINK ABOUT IT.

Too little wage and holidays...

j/k
GS:lin

Master1 said,
WOW typical Neowin replies, Kaspersky sucks because of this incident. REALLY If an employee is DETERMINED enough to steal the code and then releases it in order to get PAYBACK, how is that Kaspersky's fault. THINK ABOUT IT.

considering that, Microsoft must be an amazingly good company.
it has tons of products and its not like microsoft sourcecode is laying around to find everywhere.

Shadowzz said,

considering that, Microsoft must be an amazingly good company.
it has tons of products and its not like microsoft sourcecode is laying around to find everywhere.

It's true. Microsoft is an excellent company to work for. They treat their employees very well.

used to be the best av. Now it really sucks, well, the last 5 years.
Maybe is a good start to make this AV as open source, it wont hurt that much (after this, nothing could be worse to them).

If I had the time I would really like to go through that code... But I'll never have that much free time

Looks that Kaspersky really had a VIRUS in the organisation which stole the DATA from their Computers. Too bad for an AV Company.

I've used Kaspersky for the last couple of years and really don't have a complaint, they have improved a lot... their scanning engine used to be dead slow but it has really improved. I'll try really hard not to go back to either Norton or NOD; Norton used to create more issues than not and NOD's tech support denies issues until it is fixed a year later (talking about making the move to newer OS).

I would expect revisions in code every year especially with an AV product.

Unfortunately, Kasperskys' k11.sys has a nasty habit of causing BSOD crashes in some Windows 7 systems, and that in and of itself is reason enough to avoid it...

it ashame hearing this i like my Kaspersky 2011 but probably as future reference if i ever wanted to update i would have to look at article to see what kind of reputaton Kaspersky has earned

Commenting is disabled on this article.