Feeds

Ukrainian cops silence old-skool virus tinkerers' playground

'It's not a game any more, chummy'

SANS - Survey on application security programs

Ukrainian cops have shut down a long-running malware exchange website frequented by old-school virus writers.

A message on the front page of the VX Heavens website announces that the site has been forced to shut up shop after the plods seized its servers last Friday as part of a criminal investigation. According to the shuttered site:

For many years we were tried hard to establish a reliable work of the site, which supplied you with a professional quality information on systems security and computer virology. We do always believed that a true research in any field (computer virology included) is only possible in the atmosphere of trust, openness and mutual assistance.

Unfortunately...

Friday, 23 March, the server has being seized by the police forces due to the criminal investigation (article 361-1 Criminal Code of Ukraine - the creation of the malicious programs with an intent to sell or spread them) based on someone's tip-off on "placement into the free access malicious software designed for the unauthorised breaking into computers, automated systems, computer networks".

The absurdity of such statement we need to prove in the court...

We are sorry, but until the case is still open we are unable to offer our services in any form.

VX Heavens, which bills itself as a vault of information, provided virus-writing tutorials as well as malicious code samples and other resources. The site had been running for many years prior to last week's takedown operation.

The site was part of the old-school virus development scene and something of a throwback to days of old before profit-making Trojans dominated the malware landscape, according to anti-virus firms.

"The folks using the VX Heavens website were probably not in the same league as the financially-motivated organised criminals computer users are often troubled by today, and mirror rather more the hobbyist malware authors of yesteryear," explained Graham Cluley in a post on the Sophos Naked Security blog.

"Nevertheless, it's clear that the Ukrainian authorities didn't like what they saw and have confiscated the website's servers in their hunt for evidence of criminality. Let no one be under any illusions: malware creation and distribution of viral code has become a big concern for the-powers-that-be. It's not a game anymore - if you play in this area, don't be surprised if the authorities take a dim view," Cluley added. ®

Combat fraud and increase customer satisfaction

More from The Register

next story
Parent gabfest Mumsnet hit by SSL bug: My heart bleeds, grins hacker
Natter-board tells middle-class Britain to purée its passwords
Samsung Galaxy S5 fingerprint scanner hacked in just 4 DAYS
Sammy's newbie cooked slower than iPhone, also costs more to build
Obama allows NSA to exploit 0-days: report
If the spooks say they need it, they get it
Web data BLEEDOUT: Users to feel the pain as Heartbleed bug revealed
Vendors and ISPs have work to do updating firmware - if it's possible to fix this
Snowden-inspired crypto-email service Lavaboom launches
German service pays tribute to Lavabit
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Call of Duty 'fragged using OpenSSL's Heartbleed exploit'
So it begins ... or maybe not, says one analyst
NSA denies it knew about and USED Heartbleed encryption flaw for TWO YEARS
Agency forgets it exists to protect communications, not just spy on them
prev story

Whitepapers

Designing a defence for mobile apps
In this whitepaper learn the various considerations for defending mobile applications; from the mobile application architecture itself to the myriad testing technologies needed to properly assess mobile applications risk.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.