Update (14 March, 1:20PM): Kaspersky released an official statement with regards to the hack attack it suffered. It basically serves as a reconfirmation over what we’ve reported.
“Kaspersky experts have checked recently published information, which allegedly contained the source code of Kaspersky products. The result of the analysis confirms that claims are unfounded – “the leak” doesn’t contain the source code of the company’s products. Instead the dump analyzed contains publicly available data from Kaspersky servers. The source code of Kaspersky’s products, along with security and AV database updates, results of security audits, software build of materials, are all available for review in Transparency Centers opened around the world as part of the Kaspersky Global Transparency Initiative.”
Original article below:
As Russia’s invasion of Ukraine begins to enter its third week, many sympathisers of the defender have taken to conducting their own form of offensives, particularly in the realm of cyberspace. On that note, a hacker collective going by the name of Network Battalion 65, or NB65, recently broke into servers reportedly belonging to the Russia-based cybersecurity company, Kaspersky.
The drama began a few days ago when NB65’s action first came to public light when the hacker collective began stating its intentions to leak Kaspersky product source codes. True to its word, the hacktivists then tweeted a follow-up message in less than 12 hours, confirming that the deed was done, signing off with the link to the source code dump. The Twitter messages have since been deleted, but we managed to save the message before that.
As to why NB65 targeted Kaspersky, the antivirus company has long been accused of having engaged with the Russian Federal Security Service (FSB), the latter allegedly having once used the Russian cybersecurity firm’s software to steal classified material from a computer belonging to a US NSA contractor, among other covert actions. It obviously comes as no surprise that Kaspersky has denied any and all such allegations, nor was it ever the latest victim of the recent hack attack by NB65.
Getting back to the source code dump, some cybersecurity experts who managed to take a look at it believe that it doesn’t actually contain any sensitive data – 90% of it was supposedly just index.html and robots.txt, as well as files you could easily find by installing the Kaspersky program itself – and that it is likely that the hacker collective is merely trying to send a message to Russia about its war against Ukraine.
— Soufiane Tahiri (@S0ufi4n3) March 10, 2022
This isn’t the first time that the NB65 group has set its sights on Russia. Back in February, the group attacked the Russian Institute for Nuclear Security and stole more than 40000 documents. At the same time, it also broke into the autonomous system of a Russian operator, gaining access to a massive number of information systems. Belonging to both government and military departments.