It seems that the source code for one of Kaspersky's security suite products has been leaked online and is available for download from torrent and file hosting websites. According to a description accompanying the release, the sources were stolen from Kaspersky Lab in 2008 and the last changes made to them date from December 2007. The code is written in C++ and Delphi and covers the anti-virus engine, as well as the anti-phishing, anti-dialer, anti-spam, parental control, and other modules. We don't know yet to what version of Kaspersky's security suite the sources actually correspond to, but 8.0 is the most likely candidate at this point. The Russian vendor's line of products is now at version 11.0, which is publicly marketed as 2011 and PURE, for the most complete offering. We have contacted the company at several different email addresses to ask for clarifications regarding this major intellectual property theft incident, but we have yet to receive a response. Rumours about a security breach at Kaspersky resulting in source code being leaked have been going around since 2009. It has also been suggested that the hackers responsible originally put the code up for sale. Obviously the sources for one of the leading antivirus engines on the market today, even if two years old, would be quite valuable for both competitors and malware writers. Its likely that the code has seen significant changes, improvements and additions since then, but much of it is probably the same. A company looking to develop its own anti-malware product in a country where intellectual property laws are not very strongly enforced or lacking, could easily use it as inspiration.