FBI detained a Russian programmer on a tip from Microsoft

Yesterday, in Seattle, FBI agents detained Russian programmer Alexei Kibkalo on suspicion of divulging Microsoft's trade secrets.

Alexei Kibkalo ( akibkalo ), a graduate of the Moscow State University, worked at Microsoft for over 7 years ( from May 2005 to September 2012 ), most recently served as a senior architect responsible for technology and virtualization projects in the MEA region (more than 80 countries). Repeatedly spoke at technical conferences and is well known in the IT community. He is among the ten most certified Microsoft experts in the world. Participated in the development of many courses and exams in conjunction with Microsoft Learning. Co-author of books Microsoft Press. Founder and co-author of one of the most popular Russian-language blogs on TechNet.

In 2013, Alexey Kibkalo left Microsoft for 5nine, where he coordinated the development of management and security products for Microsoft Hyper-V.

Kibkalo is accused of transferring “Microsoft's trade secrets” to an unnamed French blogger for publication, including the proprietary program Activation Server Software Development Kit and Windows 8 internal builds long before the official release of this OS.
')
Microsoft officials told the FBI that Alexey’s activities “could have contributed to reverse-engineering the code” and bypassing the Windows authentication mechanism.

They do not initiate a case against a blogger, because he did not publish in the open access practically nothing but screenshots, and even seemed to dissuade Alexey from “illegal” actions. Problems arose in September 2012, when a blogger for some reason sent another Activation Server SDK code to another Microsoft employee asking him to confirm his authenticity, although he could just send a hash. He immediately contacted Microsoft security, and she launched an investigation. After examining the blogger's mailbox on Hotmail, they found a letter from Alexey Kibkalo with links to hotfixes for Windows 8. It happened long before the release of this OS, when only rumors about it were circulating.

Having picked up logs from their servers, Microsoft was able to restore the history of IM messages between Kibkalo and the blogger. There was enough compromising correspondence to charge a programmer. In addition, Alexey allegedly himself admitted in a conversation with Microsoft investigators that he had transferred "on the side" some corporate programs and documents. In September 2012, he quit or was fired from Microsoft. In the middle of 2013, the case was referred to the FBI, and now the story has taken a completely unpleasant turn.

In addition to disclosing trade secrets, Alexei faces charges of illegally entering Building 9 on the Microsoft campus and attempting to copy the contents of the server.

The investigation against Kibkalo was probably conducted in secret. His latest post in the official blog on TechNet was published just a week ago . It seems that Alexey was immersed in his work and did not think that an investigation was underway.

PS Published court documents on Alexei Kibkalo