Backdoor code writer shuts up shop over arrest fears
By Stewart Mitchell
Posted on 10 Jul 2012 at 15:26
The creator of a backdoor access tool has pulled the plug on the project amid fears that misuse of the software could land him in prison.
The DarkComet Remote Admin Tool (RAT) was always controversial due to its documented use by hackers, despite creator Jean-Pierre Lesueur claiming it was a development and access tool with legitimate uses.
After discovering it was being used by Syrian officials to spy on opposition leaders - and under pressure from authorities - Lesueur said he was stopping distribution of the tool before he landed in hot water.
Lesueur was worried he could be held responsible for its misuse, whether by hackers or security officials in regimes that could use it to infiltrate dissidents’ computers.
The recent arrest of the Blackshades RAT project author and the end of this project may yet have further reverberations leading to the closure of other similar projects
According to Lesueur he was canning the RAT, “because of the misuse of the tool, and unlike so many of you seem to believe, I can be held responsible [for] your actions”.
“If there is one thing I will not tolerate it’s to have to pay the consequences for your mistakes and I will not cover for you,” he said on the software's former homepage.
“The law is how it is and I must abide by the rules, yes it’s unfortunate for developers in security but that’s how it is. And that’s without mentioning what happened in Syria.”
He blamed the decision on people that had used the software in breach of its terms, but the move highlights the pressure being put on developers of software that has been used for hacking or other criminal activity.
“While in the past authors of such tools believed that they were immune from prosecution by claiming that they were educational tools, arrests, starting with the alleged author of the infamous Mariposa botnet, have begun to wake up authors of such tools to the possibility that they could be breaking the law,” said security company Symantec in a blog.
“These arrests are sending a message to the authors of such tools that they are not above the law and could face prosecution for their actions,” Symantec said. “The recent arrest of the Blackshades RAT project author and the end of this project may yet have further reverberations leading to the closure of other similar projects.”
The RAT closure won’t prevent people already using it from continuing with the software, but Lesueur said he was providing tools for both removing and scanning for the program.
Yet Lesueur said the decision was hard because the program had legitimate uses, too. “My goals always were to provide access to tools more powerful than any paid-for tool in terms of security and all for free,” he said. “This was for families who wished to keep an eye on their kids, or folks looking into acquiring some experience with such tools and users who wished to keep track on their machine from any place in the world.”
Coffee! Wake up!
So inserting a clause "don't use this tool in a naughty manner" doesn't absolve the writer of all liability? Now that's a surprise.
By QbixQbix on 10 Jul 2012
Microsoft are in BIG trouble
I would imagine that a great deal of the world's malware is produced using their Visual Studio software and contains functions from its libraries.
I wonder how long it will be before they are in court.
After all, the fact that software has legitimate uses apparently does not protect its creator if it is used contrary to its licence or intended function.
By qpw3141 on 11 Jul 2012
This is strange
Are weapon manufacturers prosecuted when 1 very disturbred person shoots people in a mall, using their product? I don't think so (correct me if I'm wrong!) and that's probably due to lobbying. I'm not saying it's a good idea to write software which is specifically meant to evade / breach / attack / etcetera but still...
Oh hang on. I just noticed that the coder is French (and presumably lives in France). That explains it.
By TheoB on 11 Jul 2012
Try to avoid your casual racism for just a minute and look at the real world.
Saeed Malekpour is an Iranian born, Canadian web developer. Whilst visiting his dying father, the Iranian govt have arrested him and sentenced him to death.
Writing software that has been used by others to upload pornography.
It's a messed-up world up there and you can't blame people for not wanting to deal with the idiots.
By Simbu on 12 Jul 2012
Reading back my post, I am not surprised you accused me of casual racism. That was not how I meant it at all, but I should have been far more careful. Please everyone accept my apologies.
The point I was trying to make is that it is indeed a messed up world if the creators of software are being blamed (prosecuted, villified, it gets as bad as we can imagine, unfortunately) for what other people (organisations, countries, etc) use their creations for.
I fully understand the creator's decision to stop developing this software. It just angers me that people are allowed to bear arms in some countries, because "it's not about what you own, it's what you do (or don't do) with it" where in other instances, people come under fire for even creating something which, in the wrong hands, might cause trouble.
By TheoB on 12 Jul 2012
- Huawei Ascend P6 review: first look
- Adobe Illustrator CC review: first look
- Let MPs tell us what they really want ISPs to block
- Adobe Photoshop CC review: first look
- WWDC 2013 and iOS 7 launch: live blog
- Sony VAIO Pro review: first look
- Want child porn blocked? Meet the IWF
- Is it worth upgrading a media centre to Windows 8?
- Flickr redesign: is it enough to tempt photographers back?
- Hands on with the new Google Maps
- Google two-step verification: a must for business email
- Yes, I write down my passwords
- How to deal with a ransomware attack
- How secure is your Wi-Fi network?
- How QR codes caught out the security pros
- Why I do not trust Do Not Track... yet
- The hard disks you can "secure" with a single-digit password
- Why I've started using a password manager
- Time to kill off CAPTCHA
- Are today's young people Generation I (for insecure)?