Source Code of SpyEye Released Online
A French security investigator Xyliton, recently, leaked out the source code of the world's most sophisticated as well as harmful malware toolkit namely SpyEye, version 1.3.45. Security reported this on August 12, 2011.
Actually, having managed in spotting the code's replica, Xyliton crafted a tutorial which by reading carefully could let any person unlock the code's HWID (Hardware Identification) that had been protected with one licensing program namely VMProtect designed to encrypt a software installation on a certain tangible gadget.
Moreover, at the time of releasing the SpyEye's source code, the security expert also issued the 'HWID' unlocking key's source, so people could start searching the flaws within the code developer's item.
Meanwhile, commenting on the leak, Senior Threat Intelligence Analyst Sean Bodmer at Damballa stated that the exposure was important since it depicted SpyEye developer Gribo-Demon's along with his team's methods of coding. Security published this in news on August 12, 2011.
Bodmer further commented that the leak simultaneously as well put the remaining security community on notice since the moment an aspiring cyber-criminal had the source under his possession, he could start breaking SpyEye to pieces.
Furthermore, now that the toolkit had been exposed, little time would be lost when the kit would be used to impose a far greater e-threat compared to any that had been observed hitherto, the specialist stated.
Additionally, considering that the SpyEye developer and his team are talented, it isn't anything surprising to have the code developed; however this may imply that anybody can presently unlock the 1.3.45 edition as also start issuing newer editions carrying more fresh characteristics.
Another point of concern is that although the cost of SpyEye can typically be USD10,000 or so, yet with SpyEye's source as also the tutorial depicting the way for unlocking its DRM having gotten public, miscreants are sure to take on to exploiting the toolkit.
Conclusively, security specialists state that since long an e-threat under everybody's priority discussion has been the SpyEye, which's heading to prove an increasingly pervasive one that's exactly what happened when, during March 2011, someone published the source code of the Zeus toolkit.
Related article: Surge in Spam attack
» SPAMfighter News - 23-08-2011