Kaspersky forced to deny the source code leak
Antivirus (AV) software provider Kaspersky has had to deny that it was the subject of a cyberattack by Ukrainian hacktivists after allegations surfaced on social media in the evening of March 10.
The company spoke out after a group of hacktivists known as Network Battalion 65 or NB65 – who may have ties to the Anonymous collective – claimed to have leaked Kaspersky’s product source code. In its statement, the group said it would continue its campaign until Russia ceases hostilities against Ukraine (see below).
NB65 is known to have actively participated in previous cyberattacks against Russian state targets over the past two weeks, although the success of these attacks has been disputed by Russian authorities.
– Dominic Alvieri (@AlvieriD)
March 10, 2022
In a statement circulated on Twitter, a Kaspersky spokesman said the organization takes security “very seriously.”
“Kaspersky experts have reviewed recently released information that allegedly contained the source code of Kaspersky products,” the spokesman said. “The result of the analysis confirms that claims are unfounded – the leak does not contain the source code of the company’s products. Instead, the analyzed dump contains publicly available data from Kaspersky servers.
“The source code of Kaspersky’s products, along with security and AV database updates and the software BOM, are all available for review at transparency centers opened around the world as part of the Kaspersky Global Transparency Initiative.”
In the fortnight since Russia began its war against Ukraine, Kaspersky has attempted to remain neutral, despite the fact that its founder, Eugene Kaspersky, was pilloried last week after describing the illegal war in which Russia has attacked civilian targets, including hospitals, as the “current situation”.
Kaspersky was founded in Moscow in 1997 by Eugene and Natalya Kaspersky and Alexey De-Monderik, although the first version of its software actually dates back to the Soviet era. Although its products – like many AV companies – have at times been accused of being little more than scareware, over the past 25 years it has become arguably the best-known Russian software company in the world. At the same time, it operates its own respected research and analysis teams and has become a prominent source of threat intelligence and a vocal contributor in the cyber community.
While it hasn’t attracted the same scandal as companies like Huawei, it has increasingly become the subject of government attention and restrictions in the West since Western relations with Russia deteriorated under the dictatorship of Vladimir Putin.
In 2017, US authorities cracked down on Kaspersky, alleging collusion with Russian intelligence, while at the same time the UK’s National Cyber Security Center (NCSC) raised similar concerns about the possibility that Kaspersky could transfer UK data to the Russian government , either voluntarily or under duress.
Kaspersky has responded in part to these allegations by stepping up its aforementioned transparency initiatives and opening dedicated facilities that allow government agencies, national cyber agencies, corporations, and Kaspersky customers to porise over its code, updates, threat detection rules, and other technical information and business processes. These centers are located at different locations in Kuala Lumpur, Madrid, São Paolo and Zurich.
As of the end of 2020, it had also removed the data storage and processing activities related to its core markets APAC, Europe and North America from the purview of the Russian government and relocated them to Switzerland.