Sign in / up

back to article Researcher snaps a Zeus hacker's photo through his webcam

Security researcher Raashid Bhatt has detailed how to bust the security protections of the Zeus banking trojan allowing him to take a webcam photo of the scammer. Bhatt (@raashidbhatt) wrote in a technical blog how he reverse-engineered the malware after a scammer attempted to foist the malware on him through a phishing scam …

COMMENTS

Post your comment
House rules Send corrections
Add to 'My topics' unstar *
  1. Richard Taylor 2
    Happy

    Really

    quite amusing

    2 0 Reply
    1. Fihart
      Reply Icon

      Re: Really

      Lovely that the hacker didn't have the sense to disable a webcam.

      1 0 Reply
    2. Anonymous Coward
      Reply Icon
      Anonymous Coward

      Re: Really

      Presumably the attacker is from Croydon then....

      1 0 Reply
      1. Destroy All Monsters Silver badge
        Reply Icon

        Re: Really

        He looks like he's from Nigeria, rather.

        1 1 Reply
    3. JeffyPoooh
      Reply Icon
      Pint

      "Hacker snaps a Zeus hacker's photo through his webcam"

      There, I fixed it for you.

      Not that there's anything wrong with that. It's just that the only air gap between the "Researcher" and the "Hacker" is motivation - we hope.

      0 0 Reply
  2. Anonymous Coward
    Joke

    Cylon??

    Or at least a close cousin based on the swishing light where the eyes should be.

    Joke Alert, in case there is anyone of German descent reading this.

    4 0 Reply
    1. d3rrial
      Reply Icon

      Re: Cylon??

      I'm German and I am greatly offended by this. I demand you respect the rule of the towel!

      7 0 Reply
  3. WonkoTheSane
    Big Brother

    Bhatt missed a trick.

    He should have replied to the phishing email by saying:-

    "That's not the dead guy outside OUR office, Our dead guy looks like this" and attach the scammer's webcam feed URL

    18 0 Reply
    1. kain preacher
      Reply Icon

      Re: Bhatt missed a trick.

      I wish he had of didthat, but some people might take that as a death threat.

      2 2 Reply
      1. Naughtyhorse
        Reply Icon

        Re: yeah?

        well, fuck 'some people'!

        IMHO he should not have masked the pic. protecting the anonz of the scammer. fuck him! what's he going to do, complain about it?

        Post his ip addy, mac number and inside leg measurement.

        4 1 Reply
      2. Destroy All Monsters Silver badge
        Reply Icon

        Re: Bhatt missed a trick.

        Frankly, this world could do with more death threats.

        4 2 Reply
      3. I. Aproveofitspendingonspecificprojects
        Reply Icon

        Re: Bhatt missed a trick.

        A death threat?

        Removing his eyes?

        I'd have let him keep his eyes while he needed them to watch the operation to remove his lower jaw, break it and stuff them teeth first up his backside.

        Then perhaps remove his eyes. Or maybe let other people see him watching the looks on his face as he complains to them?

        0 0 Reply
  4. Steve 13

    Risky

    Isn't this security researcher risking prosecution? Reverse hacking isn't any more legal than hacking... At least if I've understood UK law correctly (and the guy is in the UK).

    Edit - based in Kashmir, so he's probably safe from the long arm of the UK law.

    1 2 Reply
    1. Anonymous Coward
      Reply Icon
      Anonymous Coward

      Re: Risky

      Chasing a mugger and removing his balaclava is legal. Doesn't this come under reasonable pursuit?

      7 1 Reply
    2. Oninoshiko
      Reply Icon

      Re: Risky

      Did he agree to the terms of service when installing the Zeus trojan? no?

      I'd say he's dead-to-rights to reverse engineer it. From there, it's not really HIS fault that it was capable of controlling the ner'do'well's camera. Seems to me that's part of the intent of the software, so the person who installed it must have intended for him to use it this way. All's good in my book.

      1 0 Reply
  5. TeeCee Gold badge
    Happy

    Shame he didn't have two webcams.

    A great use for SCORPION STARE.......

    7 0 Reply
  6. Ian Michael Gumby

    Just a thought...

    Did he manage to capture the GPS location of the snapped pic?

    2 3 Reply
  7. Henry Wertz 1 Gold badge

    Hah

    You hack me? Hah I reverse hack you back. I take yo' photo.

    1 1 Reply

POST COMMENT House rules

Not a member of The Register? Create a new account here.

Forgotten password ?

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like