Author of TreasureHunter PoS Malware Releases Its Source Code

DooKey

Thanks to the author of TreasureHunter PoS malware, the source code for this is now available in the wild. This malware was previously used by a Russian-speaking group named Bearsinc to steal CC data. Now that the source is available to all, we can probably expect many groups to modify the code and cause even more financial damage to companies and individuals who use credit cards. Thanks a lot, anonymous dude, for putting this out there. However, there is one bright side to it, and that's the fact that white hats can now analyze the code and develop better defenses against this kind of malware.

What is not clear at the moment is why exactly the Russian-speaking author of the malware decided to leak its source code publicly. "We hypothesize it is likely they did this in [an] attempt to distance themselves from being unique malware code owners," says Kremez. Often, threat actors resort to the tactic to frustrate efforts by law enforcement investigators and security researchers to attribute attacks and malware to specific threat actors and groups.
 
The proverbial double-edged sword. It's bad that it was released but good that those who prefer to not do nefarious deeds can create better mitigation for this stuff. That's the beauty of open source.
 
I think it is going to do more good than harm. I would argue that White hats get better funding in general.
 
no idea why multi-million / billion dollar American corps do not fund proper, scope-defined software....

if only there was a boycott movement similar to Starbucks / Waffle House or whatever else in the racially charged news next week, for these faulty software firms
 