Software // Enterprise Applications
News
7/15/2004
12:24 PM
Connect Directly
RSS
E-Mail
50%
50%

Stolen Source Code Site 'Suspended'

Selling corporate secrets is 'tricky,' the site says, so it's 'redesigning' its business model.

The Source Code Club, a group of hackers who offered to sell stolen source code, closed down its Web site Wednesday evening. The group popped up on the Web earlier this week and claimed to have a variety of code for sale, including the source code to Napster as well as an intrusion-detection system from Enterasys Networks Inc.

Someone with the name Larry Hobbles on Monday posted an E-mail advertisement to a security mailing list stating that the Source Code Club "is now open for business." The E-mail described the Source Code Club as a business focused on "delivering corporate intel to our customers."

It said the group's primary focus was selling source code and design documents, and claimed that "there are many other facets to our business."

By late Wednesday, the group decided it needed to make some changes.

"Thank you for your interest in SCC. We regret to inform that SCC has temporarily suspended operations. Our business model is currently being re-designed to alleviate some of the initial fears our customers faced," the Web site states.

It promises to return. Selling corporate secrets is "very tricky," the Web site reads, but "we believe it is an area that we can conquer. Look for us in the near future as we re-emerge to bring you all kinds of secrets."

A spokeswoman for Napster said in an E-mail interview that the company believes the group has the source code to the original peer-to-peer Napster software. "We don't use the same source code, so we are not concerned," she wrote.

A spokesman for security software maker Enterasys said in an E-mail statement that the company is investigating the alleged theft and has "not definitively concluded that they have any actual source code."

If code were stolen, the spokesman said, it may have been a portion of an older version, 6.1, of its Dragon IDS software, and customers can download the latest version, 6.3, from its Web site.

"Our continuing investigation indicates that any possible misappropriation of the code would have been linked to a physical theft of media and not a breach of our network," he wrote.

Enterasys is also working with law enforcement and therefore "can provide no further details at this time," he wrote.

The raw source code for commercial software companies is highly guarded intellectual property. Not only can competitors study source code to attempt to gain a competitive advantage, but security researchers and hackers can pore through the code to attempt to uncover security holes that can be used to hack into corporate networks or launch Internet worms such as Sasser and Code Red.

This isn't the first time this year hackers claimed to, or actually, have gained access to proprietary software. Portions of Microsoft's Windows operating system source code leaked onto the Internet in February. And in May, portions of Cisco Systems' Internetworking Operating System software, which runs much of its networking gear, were stolen, with chucks of code published on the Internet.

No arrests have been made to date in the Cisco or Microsoft cases.

Comment  | 
Print  | 
More Insights
Building A Mobile Business Mindset
Building A Mobile Business Mindset
Among 688 respondents, 46% have deployed mobile apps, with an additional 24% planning to in the next year. Soon all apps will look like mobile apps – and it's past time for those with no plans to get cracking.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Tech Digest September 18, 2014
Enterprise social network success starts and ends with integration. Here's how to finally make collaboration click.
Flash Poll
Video
Slideshows
Twitter Feed
InformationWeek Radio
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.