Source code for the latest version of the ZeuS crimeware kit has been leaked on the internet, giving anyone who knows where to look free access to a potent set of malware-generation tools that normally sell for as much as $10,000. Complete source code is available in at least three different locations, ensuring that it is now …
I kinda feel bad for the author of that code...
I kinda don't. He certainly didn't feel bad for all those people whose money were stolen with it.
Someone call the BSA!
Piracy of malware lol
Honour among thieves and all that, you know.
Past its prime?
Not that I know anything much about Zeus, but if it is beginning to have problems, then releasing it to the masses and allowing the market to fill up with clones, many of which will be inferior to the original, might be a good move. In the mean time the developers could move on to producing a better, premium product which would stand out against the newbies.
the developers probably just had an epiphany and now see the obvious benefits of open source development. depending on the licensing of course (haven't gone looking for it on sourceforge yet), they could just hoover up the best improvements into their premium version as you say.
Grab some popcorn, lock up your firewall nice and tight, and check your AV is up to date, as they said in Hot Fuzz ( and some other minor film about cops! ), "Shit just got real!"!
I look forward to analyzing the code
I've done a virus report card on Zeus/SpyEye vs Stuxnet vs The Perfect Virus that my someday-legal cyber privateers will use to loot the bad guys' bank accounts. I can't wait to get my hands on the Zeus source code and do a deep dive. Then I can upgrade my analysis on The Morgan Doctrine blog. Good news.
Publish the URL
So the source code for ZeuS has been published.
What does The Reg do? Nothing useful.
It's available to those who know where to look, by which you mean criminals of one sort or another, together with a small number of "security researchers".
Publish it properly. Let the script kiddies have their 15 minutes of fun before the whole thing is killed off.
What are you worried about? Breach of copyright FFS?
Maybe El Reg is being responsible ?
It is their duty to report the news, but is it their duty to make malware suits even more available than they already are ?
If this was a report about a cache of Anthrax, do you really think it would be a good idea to tell everyone where it is ?
Really, common sense has not survived the millenium.
DMCA takedown notice in 3...2...1...
Even script kiddies..
.. should be able to find a download link by now ;)