The Tech Herald

SpyEye source code leaked to the Web

by Steve Ragan - Aug 12 2011, 10:00

One of the most infamous malware kits in the world, SpyEye, is now available to anyone after a French security researcher published the source code for version 1.3.45 on Thursday. One of the things that has made the malware kit so popular is that it incorporates features and code from its predecessor, Zeus.

According to reports, Xyliton, a French researcher with the Reverse Engineers Dream Crew, located a copy of the source and created a tutorial on how to crack SpyEye’s hardware identification (HWID), which has been secured using VMProtect (a licensing tool that locks an installation of software to a particular physical device).

“This leak is important as it illustrates the coding techniques of Gribo-Demon’s team (the authors of SpyEye) and also deals another blow to the underground criminal ecosystem,” commented Sean Bodmer, Senior Threat Intelligence Analyst at Damballa.

At the same time, this leak also puts the rest of us on notice, he added, because once the builder is in hand, the aspiring criminal can begin tearing apart SpyEye.

Granted, Damballa's researcher notes, reverse engineering is nothing new in the criminal and security world, but putting "one of the most powerful cyber threats today" in the hands of babes, no less, is something that will translate into sleepless nights for security administrators.

SpyEye would typically cost about $10,000 USD or more. However, given that the source code and the walkthrough on how to crack SpyEye’s DRM are in the public domain, criminals will fall all over themselves to leverage this kit.

“…now that SpyEye has been ousted it is only a matter of time before this becomes a much larger malware threat than any we have seen to date. So for the next few months, please hold onto your seats people… this ride is about to get very interesting.”
