Slashdot Mirror

← Back to Stories (view on slashdot.org)

Author Kills DarkComet Spyware After Syria Uses It

Posted by Unknown on from the evil-doer-with-a-conscience dept.

judgecorp writes "DarkcoderSc (Jean-Pierre Lesueur) has ended the DarkComet Remote Access Tool (RAT) project, after it emerged that the Syrian government had used the software to spy on its opponents. The tool was also used to target Mac OS X systems last year."

13 of 50 comments (clear)

  1. Interesting. by gcnaddict · · Score: 5, Interesting

    So this was... legal malware? Can someone clue me in on the history of this utility? As far as I can tell, this looks like proof-of-concept/research malware designed to be used for testing purposes, but that's the best I can gather.

    --
    Viable Slashdot alternatives: https://pipedot.org/ and http://soylentnews.org/
    1. Re:Interesting. by Ciccio87 · · Score: 5, Informative

      So this was... legal malware?

      Hacking / security testing software is legal, it's its usage that could be illegal.

      Can someone clue me in on the history of this utility? As far as I can tell, this looks like proof-of-concept/research malware designed to be used for testing purposes, but that's the best I can gather.

      It was a RAT (Remote Administration Tool, strict relative of a trojan horse), it could, in effect, be used for good purposes (or for learning purposes, but, without sources, the chanches for this are lesser), however yes, it was mainly a PoC and an exercise in style.

      [OT] However, old news is old.

    2. Re:Interesting. by Anonymous Coward · · Score: 2, Informative

      Authors of RAT's usually claim they are for legal uses only, only to be used on computers you are allowed access to. Claiming it is like a VNC server, even though they are straight up trojan horses. I don't know of any trojan author who has gotten into legal issues who wasn't also involved in viruses / worms / bot nets.

    3. Re:Interesting. by Exrio · · Score: 2

      imagine the inventor of the firearm deciding to call it quits because someone found a way to hunt with it instead of kill people (in self defense even?).

      Except in this case, unless I'm missing something (is the Syrian government considered better or worse than the activists?), it's the other way around.

    4. Re:Interesting. by davydagger · · Score: 5, Interesting

      at this moment, there is no class of code that is illegal. Its completely legal to write malware, viruses, network security tools.

      Its only illegal if you use them against other people's computers. In fact most of the same tools used to break into computers are used to test security legimately, and many have even more diagnostic utilities.(wireshark, nmap, net cat, etc...)

    5. Re:Interesting. by v1 · · Score: 2

      Brutal military dictatorship (current government) or Islamist theocracy (rebels), take your pick.

      Nuke from orbit?

      So easy to go back only a few decades and see how the US, USSR, etc were backing revolutions to get rid of an undesirable govt, only to see it replaced with something different but just as bad. Pineapple face comes immediately to mind, but I heard there was a hand in Saddam as well, just to name a few.

      Thing is, the "rebels" are rarely being lead by someone that supports the people. It's more often someone that wants power. All the "people" generally want is change, but the wrong kind of change is usually the only one that has a chance of succeeding.

      --
      I work for the Department of Redundancy Department.
    6. Re:Interesting. by ae1294 · · Score: 4, Informative

      In Japan it's illegal to write or even save a virus to your computer. Apparently you get 3 years of jail time for writing and 2 years for acquire a virus.

      Citation: http://www.futuregov.asia/articles/2011/jun/22/japan-enacts-anti-computer-virus-law/

    7. Re:Interesting. by Monkier · · Score: 2

      Some was arrested in Japan for this recently: http://yro.slashdot.org/story/12/07/05/135230/japanese-13-year-old-arrested-for-virus-creation

    8. Re:Interesting. by Anonymous Coward · · Score: 2, Informative

      No, GoToMyPC and LogMeIn don't have a built in option to inject the server code into a running iexplorer.exe process to disguise itself as a trusted program to bypass firewalls like DarkComet or other spyware.

  2. Prosecute authors of remote administration tools? by tepples · · Score: 5, Interesting

    This in the article worries me: "Symantec said that any closures of [remote administration tool] projects were a positive thing, especially if the creators were compelled to do so by the threat of prosecution." So are GoToMyPC, LogMeIn, and SSH considered terrorist tools now?

  3. Re:Prosecute authors of remote administration tool by Anonymous Coward · · Score: 3, Interesting

    So are GoToMyPC, LogMeIn, and SSH considered terrorist tools now?

    No, you fucking idiot. But nice strawman since the person you quoted said nothing about terrorism.

  4. Re:Prosecute authors of remote administration tool by Anonymous Coward · · Score: 3, Insightful

    So your logic is: if Syria = Terrorism and Syria = (RAT) , there for (RAT) = Terrorism?

  5. I don't get it... by ettusyphax · · Score: 3, Insightful

    So he shut the project down ostensibly because the Syrian government was using it to spy on citizens or whatever. "Misuse of the tool" being his words. Okay yeah that sucks but what did he expect people to use it for? Monitoring their baby's computer to make sure it doesn't choke on the keys? Shutting it down now as opposed to before when it was never used for nefarious ends? Seems like a pile of BS to me. More likely he shut it down because of legal threats now that he's on the radar - as is not-so-subtly implied by the article.

    You made a bomb "for educational purposes" and then gave it away. Don't pretend like you're on some moral high ground when it goes off in someone's face and your name shows up in the newspaper.