Russian hackers groups sold WMF exploit

By Derek Sooman on February 5, 2006, 3:21 AM
Wanna buy the exploit code responsible for the WMF attacks last December? If so, it seems that hacker groups in Russia were selling it, and for a mere $4,000, according to Kaspersky Lab.

"One of the purchasers of the exploit is involved in the criminal adware/spyware business," read a Kaspersky quarterly report released this week. "It seems likely that this was how the exploit became public."




User Comments: 7

Got something to say? Post a comment
Need_a_Dell said:
Ummm... Can't anybody do anything about this? If the media is aware of this, why don't they shut down the sale and arrest the people responsible for selling and buying it. I can't believe we're at a point in time when you can openly sell the source code for a virus online. We've come to an odd time in computing, that's for sure.
blue_dragon said:
yea theres actually someone selling their myspace on ebay...next thing happening? organs being digitized and sold on ebay and rematerialized to the buyer
MonkeyMan said:
Well, in the world of high tech computers, it seems as though we have come to a dilemma. And you know what? these viruses are going to make secure servers unstable, and cause major problems all around the world, involving security. These hackers, will all eventually get caught, but what I want to know is, if they are so intelligent to make these viruses and cracks, why can't they be smart enough to realize that eventually they will get caught?
Nodsu said:
Cybercriminals don't get caught. How many cybercrime arrests do you know about? Now take that number and compare that to the tens thousands of cybercriminals out there. Not to mention that the jobs done by the best crackers will never be discovered. Only the sloppy beginners actually leave traces.People mug other people for sums like $50 (and they eventually actually get caught). Compare that to couple of weeks worth coding and a $4000 reward with virtually no risk of getting caught..
nathanskywalker said:
Wow, this is kinda of bad....duh...[quote]ybercriminals don't get caught. [/quote]you want names? Cyber criminals do get caught, that is just very difficult to accomplish. But mabye i am misunderstading you. If you describe a cyber-criminal as someone who breaks the law through use of the internet, man they get busted all the time!!! Look back a few articles, the FBI just arrestted a whole gang ofthem. don't feel secure that just because they can't see you, they can't find you, there are ways....you're computer does leave traces, and while they are difficult to foloow; just as every system can be broken, every breaker can be caught...it's just a matter of time......Like i said, i may have misunderstood.
Nodsu said:
Oh, wow, they caught some people copying CDs. Doesn't take much brain to do that stuff you know. We are talking different leagues here. Yes, my computer does leave traces. But if I am to do something illegal, I will use at least three hijacked computers from all over the world and I will format every one of them when I'm done. Who is going to find me? The FBI will perform forensics on every computer in the world that was formatted during the last 24 hours? The thing is, all these "traces" are kept on computers and guess what, computers can be broken into and manipulated.And with time, only thing that happens is my traces disappearing. ISPs keep detailed logs for maybe 24 or 48 hours, depending on the laws and botherment. Other kinds of logs are kept for few weeks or months..
AeonXX said:
If youíre going to sell something like this, at least make a mint off of it, youíre also selling the associated risk! Wait, thatís not what I meant, what they did is wrong! Bad!As for computer traces, they arenít limited to the many logs stored on remote servers. I attended a meeting led by the FBI director of computer security a year ago, and he answered a lot of my questions. One such question was, if I were to write 0ís to a hard drive (a low-level format), then how would forensics go about scraping off the data? He told me theyíve recovered data from hard drives that have been obliterated by fire, the elements, and just about any kind of acid you can imagine. Basically, they reproduce the data by looking at its magnetic properties. He said that writing 0ís to a hard drive does make it more difficult to recover, but not impossible, of course. Like Nodsu said, if someone really wanted to get away with something, they wouldnít do it from a computer that could be traced back to them.
Load all comments...

Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.