bahularora | 8 years ago

"The indictment does not say Hutchins designed Kronos to be sold, knew about the sale or was at all aware his work was being used maliciously."

A person he knew, or was in touch with, sold the said trojan. The indictment also doesn't say if he did gain financially from the sale or not.

So, he developed a trojan possibly for research, someone he knew sold it and he got arrested.

tptacek | 8 years ago

This is not the kind of thing you develop for "research". It's extremely boring code that is essentially just a user interface for seeding HTML trojans across a botnet.

This thread gives the impression that people not in the field see some sort of mystique to malware research and development. Malware isn't vulnerability research or exploit development. Most of the malware deployed in the real world is code that virtually anyone on HN could develop, from first principles without any additional research.

That's not true of exploit development, which can be extraordinarily difficult and almost always depends on specialized insider knowledge. There's lots of research reasons to work on exploit code. But that's just not true for the kind of malware we're talking about in this case.

This is important to understand, because the premise of the story is that prosecution over banking trojan malware is having a chilling effect in the industry. It is not. Very few people in the industry build stupid-looking PHP interfaces to HTML injection on botnet victims, not because it's illegal but because it's pointless and dumb and you wouldn't learn anything from doing it.