5.7 KiB
Before disabling any content in relation to this takedown notice, GitHub
- contacted the owners of some or all of the affected npm packages to give them an opportunity to unpublish the package.
- provided information on how to submit a DMCA Counter Notice.
To learn about when and why GitHub may process some notices this way, please visit our README.
Are you the copyright holder or authorized to act on the copyright owner's behalf?
Yes, I am authorized to act on the copyright owner's behalf.
Are you submitting a revised DMCA notice after GitHub Trust & Safety requested you make changes to your original notice?
No
Does your claim involve content on GitHub or npm.js?
Both
Please describe the nature of your copyright ownership or authorization to act on the owner's behalf.
Kasada PTY LTD owns the copyright to the code.
For context: the system that leverages this code is used to secure hundreds of web and mobile applications, including some of the largest companies in the world. Collectively it protects the web activities of hundreds of millions of users worldwide, every day. Copying this proprietary material presents a significant and material risk to the security of these companies and an unauthorized use of our copyrighted material.
Please provide a detailed description of the original copyrighted work that has allegedly been infringed. If possible, include a URL to where it is posted online.
The original copyrighted work is part of a proprietary Virtual Machine (VM) Obfuscation system for Kasada’s javascript code. The code it is used to protect performs functions as part of a Bot Detection system that protects against malicious automation methods and its impacts which include fraudulent Account Takeover attacks and other security threats as well as malicious activities such as inventory hoarding and content scraping.
Significant parts of the code, which forms a large portion of Kasada’s intellectual property, have been taken without authorization from Kasada Pty Ltd (or its Affiliates) and replicated in the provided repositories.
Kasada is the sole owner of this intellectual property and all code created or derived from it. Kasada takes great care to protect the integrity of its code base and has not authorized the use, packaging, refactoring or distribution of this code or derivatives of this code.
What files should be taken down? Please provide URLs for each file, or if the entire repository, the repository’s URL.
https://github.com/youdie323323/enigma
https://github.com/lRosenYTl/js-enigma-vm
https://github.com/ethnh/js-enigma-vmc
https://www.npmjs.com/package/enigma-vm (request package takedown)
Do you claim to have any technological measures in place to control access to your copyrighted content? Please see our Complaints about Anti-Circumvention Technology if you are unsure.
Yes
What technological measures do you have in place and how do they effectively control access to your copyrighted material?
Kasada protects this code in multiple ways such as code obfuscation, security measures including role-based access controls.
We also have robust nondisclosure agreements with staff, customers, business partners and suppliers, and IP protection clauses in our contracts.
How is the accused project designed to circumvent your technological protection measures?
We have strong evidence that the repository owner copied Kasada proprietary code directly:
489087d538/Sources/ProgramBuilder/Bytecode/BytecodeTranscoderProvider.ts (L82) . ips here is a reference to one of Kasada’s VM obfuscated files (ips.js), including the interpreter that was stolen.
Have you searched for any forks of the allegedly infringing files or repositories? Each fork is a distinct repository and must be identified separately if you believe it is infringing and wish to have it taken down.
Yes.
https://github.com/youdie323323/enigma
https://github.com/lRosenYTl/js-enigma-vm
https://github.com/ethnh/js-enigma-vm
https://www.npmjs.com/package/enigma-vm (request package takedown)
Is the work licensed under an open source license?
No
What would be the best solution for the alleged infringement?
Reported content must be removed
Do you have the alleged infringer’s contact information? If so, please provide it.
No
I have a good faith belief that use of the copyrighted materials described above on the infringing web pages is not authorized by the copyright owner, or its agent, or the law.
I have taken fair use into consideration.
I swear, under penalty of perjury, that the information in this notification is accurate and that I am the copyright owner, or am authorized to act on behalf of the owner, of an exclusive right that is allegedly infringed.
I have read and understand GitHub's Guide to Submitting a DMCA Takedown Notice.
So that we can get back to you, please provide either your telephone number or physical address.
[private]
Kasada Pty Ltd, [private]
Please type your full legal name below to sign this request.
[private] ([private])