Slashdot Mirror


SpyEye Trojan Source Code Leaked

wiredmikey writes "The SpyEye malware kit has long been both the bane of unsuspecting victims and a boon for cyber-criminals. Now, according to security researchers, the situation may have taken a turn for the worse. The SpyEye Builder patch source code for release 1.3.45 was leaked by the Reverse Engineers Dream Crew (RED Crew) recently after a crew member was able to locate a copy of SpyEye Builder 1.3.45 and create a tutorial that enables a reader with SpyEye Builder to crack the hardware identification."

11 of 55 comments

  1. Re:The department? by Anonymous Coward · · Score: 2, Informative

    It's from the Simpsons episode "Brother's Little Helper."

    *TWELVE YEAR OLD SPOILER WARNING*

    Major League Baseball is found to be spying on Americans with spy satellites.

  2. Re:WTF by Lumpy · · Score: 2

    Hello? This was FOR script kiddies, it was DESIGNED for script kiddies. Script kiddies have had it all along.
    Now Joe Schmoe script kiddie that does not have any money at all because he blows it all on Monster and Twizzlers in his mom's basement can now have it.

    --
    Do not look at laser with remaining good eye.

  3. Re:WTF by flappinbooger · · Score: 4, Informative

    ...does any of this mean? Can we get summaries that aren't the first paragraph of TFA? Can we get an explanation of what the hell TFA is talking about and why we should care?

    Sheesh.

    Spy Eye is a pretty well known and powerful RAT/Bot tool on level with the venerable Zeus. The real non-backdoored copies are (generally) all for-pay.

    This is a licensed for-pay malware/crimeware toolkit. The source code is leaked and there is a CRACK for the builder. This is key. Now it's easier for the freeloaders and skiddies to get at and CUSTOMIZE this high level malware tool, making it harder to detect.

    This means things are going to get more interesting (re: worse) before they get better.

    The 'hacker' scene is like .001% real coder and 99.999% script kiddie and leech. This makes powerful tools available to many more people than before.

    --
    Flappinbooger isn't my real name

  4. More info by Anonymous Coward · · Score: 3, Informative

    From ComputerWorld: "SpyEye is a particularly nasty piece of malicious software: it can harvest credentials for online accounts and also initiate transactions as a person is logged into their account, literally making it possible to watch their bank balance drop by the second."

    The malware kit is normally sold to criminals, with each sold copy protected by an encryption scheme of some kind. This encryption scheme was cracked and the source code also released, so anyone can now freely compile the software. The malware also uses a botnet to perform transactions using compromised banking credentials. It's not clear if the hack also enables one to set up or control the botnet aspect. However, one could presumably make use of the capability to directly initiate transactions on the victim's computer.

    And to think I just got all my online accounts linked together to make my life easier!

  5. Re:WTF by zget · · Score: 2

    Yes, it's really trivial to patch human stupidity, which nowadays leads to most malware infections.

  6. Re:WTF by dgatwood · · Score: 2

    Please explain exactly how "human stupidity" leads to malware infections.

    User is presented with a web site banner ad for a fake antivirus product. User downloads the antivirus product and installs it. User gets hosed.

    I'm sure I can come up with a simple technical solution for every one.

    Good luck with that. (BTW, solutions that bring with them a host of other problems, e.g. walled gardens, don't count, as they aren't simple.)

    --

    Check out my sci-fi/humor trilogy at PatriotsBooks.

  7. Re:WTF by geekprime · · Score: 2

    It's called the dancing bunnies problem

    http://www.google.com/search?q=dancing+bunnies+problem

  8. on the good side by kwikrick · · Score: 3, Insightful

    With the source code out, it should be easy to plug the security holes that the spyware uses, and it should be easy to generate hashes and heuristics for virus scanners to detect spyware on infected computers. In theory anyway.

    --
    assignment != equality != identity

    1. Re:on the good side by NotQuiteInsane · · Score: 2

      ... Or make variants of the spyware which avoid said heuristics.

      Sir, I'd like you to meet my friend, the double-edged sword...

  9. Re:The department? by kmoser · · Score: 2

    Believe it or not, the phrase was around long before the Simpsons parodied it.

  10. Re:WTF by BosstonesOwn · · Score: 2

    Just throwing this out there, but don't OS X and Linux both require a password when installing software from a downloaded package? As well as Windows when running as a non-admin user?

    And we all run as non admin users right ?

    I think you doubt the "want it now" factor.

    I know quite a few occasions when a savvy user was faked into clicking the close button on a browser window and the browser launched an escalation attack and injected its own app and infected the system.

    --
    This package Does Not Contain a Winner