Cheap SpyEye code threatens to proliferate malware

Source code for expensive SpyEye Trojan malware is now available on the cheap, and that could lead to a major increase in SpyEye-based cyberattacks, writes Dark Reading’s Tim Wilson.

A French researcher who is part of the Reverse Engineers Dream Crew cracked the code’s licensing protection, which had allowed code dealers to sell SpyEye kits for as much as $10,000, Wilson writes.

A cyber threat analyst at security vendor Damballa reported the news in a blog entry, adding that the increased accessibility of the codes comes with another problem. He told Wilson that attributing an attack to a source could become even more difficult without a relatively sizable money trail to follow.

SpyEye has connections to the ZeuS Trojan malware — whose code is also free now — that helped hackers steal millions from banks. The sophistication of malware kits such as those for SpyEye and ZeuS allow unsophisticated hackers to wreak havoc. Until recently, the barrier for such hackers had been a lofty price tag. With the economics of source code changing quickly, a significant jump in cyberattacks could be on the horizon.

About the Author

Connect with the GCN staff on Twitter @GCNtech.

Featured

  • automated processes (Nikolay Klimenko/Shutterstock.com)

    How the Army’s DORA bot cuts manual work for contracting professionals

    Thanks to robotic process automation, the time it takes Army contracting professionals to determine whether prospective vendors should receive a contract has been cut from an hour to just five minutes.

  • Russia prying into state, local networks

    A Russian state-sponsored advanced persistent threat actor targeting state, local, territorial and tribal government networks exfiltrated data from at least two victims.

Stay Connected