Post by yenilira on Feb 11, 2012 10:43:32 GMT 1
Thought I'd just share this one with you:
We all expect anti-virus firms to be the last place you’d find a hacker, but not so.
According to Microsoft, a former technical expert at a Russian anti-virus firm was the person responsible for operating the Kelihos botnet, a global spam machine that Microsoft helped take down last year.
According to Microsoft the technical expert worked as a software engineer and project manager at a company that provided firewall, anti-virus and security software.
Apparently, the technical expert’s role was discovered after a security researcher obtained a copy of the source code to Kelihos, which contained debug code that downloaded a Kelihos malware installer from the Internet domain registered in his name.
So will we see more hackers working in anti-virus and firewall companies?
Let’s hope not, since the inside knowledge they could gain in such organisations would help them evade the kinds of PC protection that anti-virus and other security software provides.
And of course, a hacker working inside an anti-virus firm could introduce secret back doors into the anti-virus software that they are developing, in order to allow viruses that they create to bypass the malware protection.
It is really difficult for the anti-virus companies to vet all of their staff, and when you have a deep understanding of PC security, the obvious temptation is to use that knowledge to make money, developing malware and other infections.
Let’s hope that this is an isolated case, and that no more hackers are lurking in firms that are trying to keep us protected from malware.
YL.
We all expect anti-virus firms to be the last place you’d find a hacker, but not so.
According to Microsoft, a former technical expert at a Russian anti-virus firm was the person responsible for operating the Kelihos botnet, a global spam machine that Microsoft helped take down last year.
According to Microsoft the technical expert worked as a software engineer and project manager at a company that provided firewall, anti-virus and security software.
Apparently, the technical expert’s role was discovered after a security researcher obtained a copy of the source code to Kelihos, which contained debug code that downloaded a Kelihos malware installer from the Internet domain registered in his name.
So will we see more hackers working in anti-virus and firewall companies?
Let’s hope not, since the inside knowledge they could gain in such organisations would help them evade the kinds of PC protection that anti-virus and other security software provides.
And of course, a hacker working inside an anti-virus firm could introduce secret back doors into the anti-virus software that they are developing, in order to allow viruses that they create to bypass the malware protection.
It is really difficult for the anti-virus companies to vet all of their staff, and when you have a deep understanding of PC security, the obvious temptation is to use that knowledge to make money, developing malware and other infections.
Let’s hope that this is an isolated case, and that no more hackers are lurking in firms that are trying to keep us protected from malware.
YL.