NB65 leaked the Kaspersky antivirus source code

The international hacker organization Anonymous announced a cyberwar against Russia after Russia attacked Ukraine. At present, Anonymous has hacked several Russian government websites. Most of these attacks just make these websites inaccessible, but there are also serious consequences, such as the theft of some Russian government websites and bank data.

On February 28, the Anonymous affiliate group Network Battalion 65 (NB65) attacked the Russian Institute for Nuclear Security, stealing 40,000 documents and containing certain sensitive data. At that time, the autonomous system of a Russian operator was also attacked, which hosted a large number of information systems of Russian government organizations and even military departments.

Some content related to Kaspersky can also be seen in the autonomous system, and it is suspected that Kaspersky provides security services for these websites and information systems. The latest news is that the hacker group has stolen the Kaspersky antivirus source code, and the screenshots released by the hackers show that the successful intrusion time is March 7, 2022.

Last night, NB65 released a message saying that please wait patiently for the Kaspersky source code to be released, and then released a message saying that everyone will see interesting code.

Stay tuned for Kaspersky source code leak. #Ukraine️

— NB65 (@xxNB65) March 8, 2022

Previously released screenshots can see the words Kaspersky’ Endpoint security, it is not clear whether the system will be leaked or the source code of antivirus software. The hacker has announced in advance that the stolen data will be released within 12 hours.

Update 1: NB65 released the Kaspersky antivirus source code

@Nb65Lead @ITarmyUA @YourAnonNews pic.twitter.com/09I80UTm14

— NB65 (@xxNB65) March 10, 2022

Update 2:

After downloading the files and reviewing them, we simply looked at the data and found no sensitive data. A large amount of data is stored in various sub-sites of Kaspersky, including webpage codes, security patches, certain configuration files, certain documentation, etc. Some of these data may be regarded as Kaspersky’s corporate trade secrets, but they have absolutely nothing to do with sensitive or confidential data and source code.

After the data download address was made public, a security boss @S0ufi4n3 who was active on Twitter quickly checked it and then tweeted that it was a good way to attract attention. Another Twitter user @dmknght also believes that the hacker is purely to gain attention, because the data released has no value, and it has nothing to do with the so-called source code. He said that 90% of the data are index.html and robots.txt, and other files can be found on the PC where Kaspersky is installed.

Recently, due to the successive hacking of Nvidia and Samsung and the leakage of a large amount of sensitive data, the security industry has paid attention to all Kaspersky-related news.

Support Our Threat Intelligence

If you find our CVE report and cybersecurity news helpful, consider supporting our work.

Buy Me a Coffee PayPal

Written by

@DdoS · Security Researcher

Do Son

Do Son is the Founder and Editor of SecurityOnline.info. Working in cybersecurity since 2013, he reports on vulnerabilities, malware, and emerging threats, providing timely analysis to help organizations and individuals stay ahead of evolving risks.

Tags: Kaspersky antivirus source code