Struts Lücke

Das gibt noch mehr Leaks, wenn nicht nur IRC-Bouncer installiert werden.

“Many of those apps may be essentially abandoned,” Bright wrote. “The earliest affected version of Struts was released in October 2012, and I bet that there’s plenty of apps developed since then that are ‘finished’. They’re still used and deployed, but they’re not receiving ongoing maintenance; their developers have moved on to other projects, or even other companies.”

Malwaretech hat Kronos geschrieben!

“He admitted he was the author of the code of Kronos malware and indicated he sold it.”


The judge said the defendant was not a danger to the community nor a flight risk and ordered him to remain in the US with GPS monitoring.

Leider geht aus dem Artikel nicht hervor, wie sie ihn gefunden haben. Sie haben wohl Chatlogs zwischen ihm und dem Mitangeklagten. Außerdem haben verdeckte Ermittler den Trojaner gekauft.

“He has tremendous community support, local and abroad and in the computer world.”

Er hat zugegeben, den Banking-Trojaner geschrieben zu haben. Dafür bekommt er jetzt von Whitehats Unterstützung?