NB65 leaked the Kaspersky antivirus source code

Kaspersky antivirus source code

The international hacker organization Anonymous announced a cyberwar against Russia after Russia attacked Ukraine. At present, Anonymous has hacked several Russian government websites. Most of these attacks just make these websites inaccessible, but there are also serious consequences, such as the theft of some Russian government websites and bank data.

On February 28, the Anonymous affiliate group Network Battalion 65 (NB65) attacked the Russian Institute for Nuclear Security, stealing 40,000 documents and containing certain sensitive data. At that time, the autonomous system of a Russian operator was also attacked, which hosted a large number of information systems of Russian government organizations and even military departments.

Some content related to Kaspersky can also be seen in the autonomous system, and it is suspected that Kaspersky provides security services for these websites and information systems. The latest news is that the hacker group has stolen the Kaspersky antivirus source code, and the screenshots released by the hackers show that the successful intrusion time is March 7, 2022.

Last night, NB65 released a message saying that please wait patiently for the Kaspersky source code to be released, and then released a message saying that everyone will see interesting code.

Previously released screenshots can see the words Kaspersky’ Endpoint security, it is not clear whether the system will be leaked or the source code of antivirus software. The hacker has announced in advance that the stolen data will be released within 12 hours.

Update 1: NB65 released the Kaspersky antivirus source code

Update 2: 

After downloading the files and reviewing them, we simply looked at the data and found no sensitive data. A large amount of data is stored in various sub-sites of Kaspersky, including webpage codes, security patches, certain configuration files, certain documentation, etc. Some of these data may be regarded as Kaspersky’s corporate trade secrets, but they have absolutely nothing to do with sensitive or confidential data and source code.

After the data download address was made public, a security boss @S0ufi4n3 who was active on Twitter quickly checked it and then tweeted that it was a good way to attract attention. Another Twitter user @dmknght also believes that the hacker is purely to gain attention, because the data released has no value, and it has nothing to do with the so-called source code. He said that 90% of the data are index.html and robots.txt, and other files can be found on the PC where Kaspersky is installed.

Recently, due to the successive hacking of Nvidia and Samsung and the leakage of a large amount of sensitive data, the security industry has paid attention to all Kaspersky-related news.