We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,259 News Articles

SpyEye Source Code Is a Double-Edged Sword

Security researches have exposed the source code for the SpyEye malware development kit

The source code of the SpyEye malware development kit is now available thanks to Xyliton and the Reverse Engineers Dream Crew (RED Crew). At face value, this is great news because it helps the security industry understand and combat SpyEye, but there is also a down side.

Opening the secrets of the software will help security researchers combat the threat, but it also exposes the source code to other malware developers who can now adapt and morph SpyEye into a new, more insidious threat. Just as the security industry unveils and defangs SpyEye, new SpyEye variants will appear that continue to thwart efforts to block it.

A blog post from Damballa Labs declares, "SpyEye has been on everyone's priority list of threat discussions for quite some time, and is now going to become an even more pervasive threat. The same thing happened when the Zeus kit source code was released in March 2011."

Breaking into the source code is great news for the security research and anti-malware communities. The best way to develop effective defenses for SpyEye attacks is to understand the inner workings of the malware development kit itself, and be able to identify unique aspects of SpyEye threats so they can be blocked.

Unfortunately, because the crack to get to the SpyEye source code has been released to the public, its use is not limited to ethical security researchers. Purchasing the SpyEye malware development kit bundle costs about $10,000, but now would-be cyber criminals can keep their cash and set up shop for free by finding a leaked copy of the SpyEye malware kit and using this crack.

The Damballa blog post warns, "Reverse Engineering is nothing new, but putting in the hands of babes one of the most powerful cyber threats today, 'for free', is something that will mean even more sleepless nights for security administrators."

Sean Bodmer, Senior Threat Intelligence Analyst for Damballa, explains, "Damballa labs has been tracking dozens of new Zeus bot operators since the leak earlier this year, and now that SpyEye has been outed it is only a matter of time before this becomes a much larger malware threat than any we have seen to date."

Bodmer sums up, "So for the next few months, please hold onto your seats people... this ride is about to get very interesting."


IDG UK Sites

Best Christmas 2014 UK tech deals, Boxing Day 2014 UK tech deals & January sales 2015 UK tech...

IDG UK Sites

LED vs Halogen: Why now could be the right time to invest in LED bulbs

IDG UK Sites

Christmas' best ads: See great festive spots studios have created to promote themselves and clients

IDG UK Sites

Why Apple shouldn't be blamed for exploitation in China and Indonesia