[ISN] Hackers reopen stolen code store with Cisco wares

From: InfoSec News (isn@private)
Date: Thu Nov 04 2004 - 00:12:24 PST


http://www.computerworld.com/securitytopics/security/story/0,10801,97194,00.html

By Paul Roberts
NOVEMBER 03, 2004 
IDG NEWS SERVICE

An anonymous group of malicious hackers reopened an online store that
sells the stolen source code of prominent software products and is
offering the code for Cisco Systems Inc.'s PIX firewall software for
$24,000, according to messages posted in online discussion groups.

The Source Code Club reappeared online Monday, using messages to
online security discussion groups to announce that it was back in
business. The group is using e-mail and messages posted in a Usenet
group to communicate with customers and take orders for the source
code of several security products, including Cisco's PIX 6.3.1
firewall and intrusion-detection system software from Enterasys
Networks Inc., the group said.

Cisco did not immediately respond to a request for comment.

The club first surfaced in July, using a Web page with an address in
Ukraine and messages posted to the Full-Disclosure security discussion
list to advertise its wares. Initially, the Source Code Club said it
was selling "corporate intel[ligence]" to its customers, along with
other unnamed services, according to a message posted in July to the
Full-Disclosure mailing list by a group or individual using the name
"Larry Hobbles."

The club offered the Enterasys Dragon IDS 6.1 source code for $16,000
and the code for file sharing software from Napster LLC, now part of
Roxio Inc., for $10,000. However, the group was forced to shutter its
operations after just a few days, citing the need to redesign its
business model.

In its latest incarnation, the Source Code Club is still marketing
itself as a corporate espionage service, but is also playing on
domestic security fears, appealing to "intelligence agencies [and]
government organizations" that want to understand exactly what
products like Cisco's PIX firewall do.

The group has raised the price on the Enterasys and Napster code, to
$19,200 and $12,000, respectively, according to a new message from the
group, which was also posted under the name "Larry Hobbles."

The Source Code Club is also offering private membership for those who
buy one full copy of product source code, with the promise of access
to a list of more source code "deemed to [sic] sensitive to put up,"  
the message said.

Cisco PIX is one of the most commonly deployed corporate firewalls.  
Version 6.3.1 was first released in March 2003. The current version is
6.3.4, which was released in July.



_________________________________________
Open Source Vulnerability Database (OSVDB) Everything is Vulnerable - http://www.osvdb.org/



This archive was generated by hypermail 2.1.3 : Thu Nov 04 2004 - 01:27:40 PST