The code contains files in C++ and assembler that cover the anti-virus engine, as well as anti-phishing, anti-dialer, anti-spam, parental control and other modules. However, the Russian company claims the security of its current products (already in version 11) is not at risk because they only contain a small part of the filtered code and do not refer to the protection functions.
The company, after learning of the theft and sale of your information, has taken the necessary measures to avoid problems in your security. Kaspersky's systems have been adapted to make knowledge of old codes a tool for unveiling new ones.
A Kaspersky Lab spokesperson said the leak came from a former employee (of unknown identity) with legitimate access who stole the source code in early 2008. It's unclear whether he did it out of revenge or entirely for profit, but he ended up offering it on the black market where it was later leaked. For this reason, he was arrested and sentenced to three years in prison, followed by another three years of probation for the crime of industrial espionage and theft of intellectual property.
Although this incident could damage Kaspersky's reputation, ESET's distributor in Russia, which had the opportunity to analyze the leaked file, concluded that the RAR contains some of the code of functions found in the 2006 and 2007 versions, but "hardly its competitors or hackers could learn something like heuristics" and Kaspersky Lab has since changed.
The company said people should be aware that although the source code is publicly available it is kaspersky Lab's intellectual property, therefore downloading, distributing or using it without consent is illegal.
Publishing application codes or security systems is becoming a common practice. The case with the most repercussion in recent weeks has been Sony's "Epic fail".
Source: DDS.media
