Kaspersky's anti-virus source code leaks to torrent sites

The popular Kaspersky Anti-Virus suite appears to have had its source code leaked online to torrent and file sharing sites. According to the description of the leak, the source code was stolen from the Kaspersky labs back in 2008 by a former employee who, according to Softpedia, had access to the code. The former employee had originally offered to sell the source code on the black market, but was jailed for three years for stealing intellectual property. 

The stolen source code covers the anti-virus engine, anti-phishing, anti-dialer, anti-spam, parental control and other important modules of the anti-virus program. Kaspersky states that none of the leaked source code poses any threat to the security of its current desktop client. It contains only a portion of the program, and since the release of the source code most of the core modules of the anti-virus program have been updated or rewritten. Though the code is about three years old, it would without doubt be a valuable asset and inspiration for malware and virus programmers, as Kaspersky holds about 5% of the anti-virus market share.

Kaspersky has since contacted a website over the leak [Russian], but has yet to release a statement to the public on its website. It's rumored that Kaspersky actually knew about the leak of the source code as far back as November last year.

72 Comments

It's a shame hearing this. I like my Kaspersky 2011, but probably as future reference if I ever wanted to update I would have to look at the article to see what kind of reputation Kaspersky has earned.

Unfortunately, Kaspersky's k11.sys has a nasty habit of causing BSOD crashes in some Windows 7 systems, and that in and of itself is reason enough to avoid it...

I've used Kaspersky for the last couple of years and really don't have a complaint, they have improved a lot... their scanning engine used to be dead slow but it has really improved. I'll try really hard not to go back to either Norton or NOD; Norton used to create more issues than not and NOD's tech support denies issues until it is fixed a year later (talking about making the move to newer OS).

I would expect revisions in code every year especially with an AV product.

Looks that Kaspersky really had a VIRUS in the organisation which stole the DATA from their Computers. Too bad for an AV Company.

If I had the time I would really like to go through that code... But I'll never have that much free time

Used to be the best AV. Now it really sucks, well, the last 5 years.
Maybe it is a good start to make this AV open source, it won't hurt that much (after this, nothing could be worse to them).

WOW typical Neowin replies, Kaspersky sucks because of this incident. REALLY If an employee is DETERMINED enough to steal the code and then releases it in order to get PAYBACK, how is that Kaspersky's fault. THINK ABOUT IT.

Master1 said,
WOW typical Neowin replies, Kaspersky sucks because of this incident. REALLY If an employee is DETERMINED enough to steal the code and then releases it in order to get PAYBACK, how is that Kaspersky's fault. THINK ABOUT IT.

Too little wage and holidays...

j/k
GS:lin

Master1 said,
WOW typical Neowin replies, Kaspersky sucks because of this incident. REALLY If an employee is DETERMINED enough to steal the code and then releases it in order to get PAYBACK, how is that Kaspersky's fault. THINK ABOUT IT.

Considering that, Microsoft must be an amazingly good company.
It has tons of products and it's not like Microsoft source code is lying around to find everywhere.

Shadowzz said,

Considering that, Microsoft must be an amazingly good company.
It has tons of products and it's not like Microsoft source code is lying around to find everywhere.

It's true. Microsoft is an excellent company to work for. They treat their employees very well.

Any Stupid Employee that does stupid things like that deserves a harsh punishment, even being put in prison for say 25 years sounds about right, especially if the company has dnd policy or any policy that states that you cannot do certain things like stealing source code, also companies should restrict access to source code to only a few select members but if it is FOSS then no such need.

Best around? What exactly are you a "guru" at?

Kaspersky sucks!!! Always has .. always will! And this little incident just goes to show how much they suck. Intellectual property is something to be very very closely guarded. This kind of breach and subsequent leak is potentially lethal to a company that is, in essence, a small player in this field.

If they are players in a field where they are supposed to protect you, and yet can't protect themselves, then how can you trust them?

Just goes to show, internet/network security is not always about attacks from outside -- more often than not, it's rogue employees or sub-contractors.

So....who can you trust? You need a company with a solid product AND good ethical practice at managing people....it's a tough one!

i11usive said,
Best around? What exactly are you a "guru" at?

Kaspersky sucks!!! Always has .. always will! And this little incident just goes to show how much they suck. Intellectual property is something to be very very closely guarded. This kind of breach and subsequent leak is potentially lethal to a company that is, in essence, a small player in this field.

If they are players in a field where they are supposed to protect you, and yet can't protect themselves, then how can you trust them?

Just goes to show, internet/network security is not always about attacks from outside -- more often than not, it's rogue employees or sub-contractors.

So....who can you trust? You need a company with a solid product AND good ethical practice at managing people....it's a tough one!


than you could you say... and how to trust you? hmmm

point is they get a job @ walmart and see the amount of employee theft that goes on.

i11usive said,
Best around? What exactly are you a "guru" at?

Kaspersky sucks!!! Always has .. always will! And this little incident just goes to show how much they suck. Intellectual property is something to be very very closely guarded. This kind of breach and subsequent leak is potentially lethal to a company that is, in essence, a small player in this field.

If they are players in a field where they are supposed to protect you, and yet can't protect themselves, then how can you trust them?

Just goes to show, internet/network security is not always about attacks from outside -- more often than not, it's rogue employees or sub-contractors.

So....who can you trust? You need a company with a solid product AND good ethical practice at managing people....it's a tough one!

What do you expect them to do, a full body scan + cavity search of everyone entering/exiting their building?

Monitoring of all internet communications (actually most large companies probably do anyway)

If someone wants to steal something and has enough knowledge of the various security systems etc. in place they will find a way to do it.

It's not like they can ban all their employees from accessing the source-code some need to access it in order to do their job.

i11usive said,
Best around? What exactly are you a "guru" at?

Kaspersky sucks!!! Always has .. always will! And this little incident just goes to show how much they suck.


I guess you're stating your opinion and nothing else, right?

This speaks more about Russia than it does about Kaspersky. As previously pointed out the country is full of hackers and corruption, is it the fault of Kaspersky?

NyaR said,
This speaks more about Russia than it does about Kaspersky. As previously pointed out the country is full of hackers and corruption, is it the fault of Kaspersky?

and the U.S isn't or any country for that matter

Kaspersky's Firewall + Antivirus is top notch though. Dare I say, the best around. Surprised their market share is so low for such a good product.

Wow, that's a really embarrassing blow to Kaspersky. I used to respect them, but moved on to greener pastures when their software got "a little fat".

I hope this prick gets what's coming to him -- cold, hard time in the slammer.

Educated Idiot said,
Wow, that's a really embarrassing blow to Kaspersky. I used to respect them, but moved on to greener pastures when their software got "a little fat".

I hope this prick gets what's coming to him -- cold, hard time in the slammer.


Couldn't have said it any better myself...+1!

Educated Idiot said,
Wow, that's a really embarrassing blow to Kaspersky. I used to respect them, but moved on to greener pastures when their software got "a little fat".

I hope this prick gets what's coming to him -- cold, hard time in the slammer.


He got jailed in 2008 for ~3 years, it's 2011 now and the source code is widely available...
Never had math? His slammer days are over.

The only part of this that was entertaining to me was the following:

"The former employee had originally offered to sell the source code on the black market, but was jailed for three years for stealing intellectual property. "

What an idiot.

Ruciz said,
agreed, but how many possible ways could antivirus software really work?

Plenty of ways. That is why we have better and worse antiviruses.

It may affect current product as well. Many source files from stable components remain unchanged over years.. or at least gives a brief idea how that component works. This may give hackers insight of current product.

codename.venice said,
It may affect current product as well. Many source files from stable components remain unchanged over years.. or at least gives a brief idea how that component works. This may give hackers insight of current product.

Meh. I guess the hackers KNOW how most AV engines work. I don't think knowing the source code makes it all that much easier. Chrome (the browser) is open source and regarded as the most secure browser (along with IE8 I suppose).
IE6 is closed source and we all know how that turned out. I don't think there is that much of a correlation.

Julius Caro said,

Meh. I guess the hackers KNOW how most AV engines work. I don't think knowing the source code makes it all that much easier. Chrome (the browser) is open source and regarded as the most secure browser (along with IE8 I suppose).
IE6 is closed source and we all know how that turned out. I don't think there is that much of a correlation.


Most secure browser, that's because trojan horses and data mining malware are built in.
No reason for 3rd parties to do so, they can obtain this information for probably cheaper than hiring people to find and exploit browsers.

wajed said,
At least I have a chance to see some real AV code.

yup, big chance many scanners use the same/similar techniques. good to the interest of crackers

Who would use a useless code dated back to 2008?

In Kaspersky Lab recognized leak code that contains "a fragment of the obsolete version antivirus engine, which then was seriously modified and updated." The company developers current leakage associated with the incident that took place in early 2008

Kaspersky Lab confirms that the incident poses no threat to safety of users of products, solutions and services company, explaining that the stolen code refers to an outdated product line.

tiagosilva29 said,

With any luck... ClamAV!

LMAO tiagosilva29, Clam AV hahahahahaha The best AV ever....NOT But hey you can install it on Windows Servers =P

Wouldn't it be nice if something like this happened to Windows 7. Then it would be a FOSS too! *Puts on an iron suit of armour*

recursive said,
Wouldn't it be nice if something like this happened to Windows 7. Then it would be a FOSS too! *Puts on an iron suit of armour*

Except Microsoft would not publish updated source code, or support anyone who abused it.

Hater said,
You're right, it would effectively kill Linux's cute little 0.8% desktop marketshare.

Or perhaps Windows would actually get much more secure and not need an AV product.

recursive said,

Or perhaps Windows would actually get much more secure and not need an AV product.

the average village idiot on windows, will click the same ads on porn sites if they'd be on linux/mac. Or click on IM's "HEY IS THIS YOUR PICTURE http://goo.gl/ahdas ??"
just wait until Linux or Mac gets the market share Windows has, you'll notice who's more secure?
a tested OS against malware/hackers and what not? or an OS that barely is a point of interest to those who want to mess with as much people as possible.

sunnym said,
Wat ?
whole code
Damn shifting to Nod

The source code is still from 2008, hence any newer version will be different

First a hacked website and now this! The leaked code may not be a threat but it will definitely affect the company's reputation.

nithinr6 said,
First a hacked website and now this! The leaked code may not be a threat but it will definitely affect the company's reputation.

Nice one.