 |
| Suchkov, a member of the 29A virus-writing gang,
was found guilty and fined 3000 roubles. |
Authorities in Russia have pronounced a member of the notorious
international 29A gang guilty of writing viruses.
Eugene Suchkov admitted writing the W32/Stepan and Gastropod
viruses, and posting their live code alongside the source code
necessary to create new variants on a number of underground virus
exchange websites. He was found guilty and fined 3000 roubles
($105) for his activities, and will now carry a criminal
record.
Suchkov, who went by the pseudonym of "Whale", was a member of
the 29A virus writing group which has members based in several
countries. Others involved with the gang have names such as
"Z0MBiE", "The Mental Driller" and "Ratter". The 29A virus-writing
gang is so-named because "29A" is the hexadecimal for "666".
"A 3000 rouble fine is little more than a smacked bottom, but he
has been found guilty and it's encouraging to see the Russian
authorities taking action against virus writers," said Graham Cluley, senior
technology consultant for Sophos. "With so many computer criminals
based in Russia it's time to send out a strong message that those
who write and distribute viruses have nowhere to hide."
In an interview with a British internet magazine late in 2003,
"Whale" predicted that a future potential playground for virus
writers would be Microsoft's .NET framework.
"Whale" then published articles on the internet earlier this
year explaining how a .NET virus could be written.
A bad week for the 29A virus-writing gang
Benny, formerly of the 29A virus-writing gang, has now been
employed by a Czech company to write anti-virus software. He was
interviewed by the New York Times in early
2004.
News of Suchkov's sentencing comes just days after another
member of the 29A virus-writing gang was in the news.
Last week it was revealed that "Benny", who claims to have now
given up writing viruses, has gained employment writing anti-virus
software for a Czech company. Benny, who posts a weblog on the
internet and has published photographs of himself online, was said
by 29A to have resigned his membership of the malware-writing group
yesterday.
"No self-respecting anti-virus company would ever employ a virus
writer," said Cluley. "Besides the horrendous PR problem of trying
to explain to customers why you have employed someone who added to
the malware problem, there is simply the issue of how could you
trust someone who has behaved so immaturely and unethically in the
past?"
"With so much information coming into the public domain about
the members of the 29A virus-writing gang, maybe the international
authorities will be able to investigate further and show 29A the
error of their ways," concluded Cluley.
More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing security and data protection solutions that are simple to manage, deploy and use and that deliver the industry's lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, and network access control solutions backed by SophosLabs - a global network of threat intelligence centers. With more than two decades of experience, Sophos is regarded as a leader in security and data protection by top analyst firms and has received many industry awards.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.