The source code within the ELCRABE.RAR archive dates back to . It primarily consists of code for the Kaspersky Anti-Virus (AV) 2008 and Kaspersky Internet Security 8.0 suites. Key details of the incident include:
The files indicated they were developed using Visual C . Security Impact and Response
The ex-employee was apprehended and sentenced by a Moscow district court to a three-and-a-half-year suspended prison term for intellectual property theft under Article 183 of the Russian Criminal Code. KASPERSKY.AV.2008.SRCS.ELCRABE.RAR
While the theft occurred in 2008, the code did not appear on public file-sharing sites like The Pirate Bay until January 2011 . Contents of the Archive
Kaspersky Lab officially confirmed the leak on , but downplayed its severity. The company stated that the code was obsolete and represented only a small fraction of their modern products. By the time the code went public, the antivirus engine had been radically redesigned, making the leaked logic largely irrelevant for attacking contemporary systems. The source code within the ELCRABE
A former Kaspersky employee stole the code in 2008. He initially attempted to sell it on the black market for profit.
Technical analysis of the leaked files revealed a complex collection of development assets: Security Impact and Response The ex-employee was apprehended
The code was written primarily in C++ and Delphi , with some assembly files included.