This website is supported, hosted and funded by Corelan Consulting - https://www.corelan-consulting.com. Please follow us on Facebook (@corelanconsulting) and Twitter (@corelanconsult). Corelan training schedules: https://www.corelan-training.com/index.php/training-schedules



Please consider donating: https://www.corelan.be/index.php/donate/


6,150 views

Corelan Team reply to false allegation made by Kaspersky

Hi,

A few moments ago, I was informed about an article on www.securelist.com and the fact that Corelan Team was mentioned in that post.  Apparently a researcher at Kaspersky Labs found a piece of text ("You have been owned by CorelanX") inside a malware sample and concluded that, due to the mere presence of that string, "It is not impossible that these messages are connected with the Corelan team."

First of all, to make things perfectly clear: Corelan Team, or Corelan GCV, has nothing to do with the 0day or the malware or the people who wrote it.

We strongly condemn any illegal/criminal acts and always have.  This is absolutely clear and is part of our core values, as explained here: https://www.corelan.be/index.php/about-us/about-corelan-team/.  Our reputation is our most valuable asset and "suggestions"/"allegations" such as the one made by Mr. Vyacheslav Zakorzhevsky would most certainly damage that reputation.

The text "You have been owned by CorelanX" is just a string. The malware writers could have put anything they wanted in the malware, or made references to anyone.  Perhaps they even copy/pasted some public payload from a public exploit on exploit-db, or took it from one of our tutorials. Who knows. 

In any case, Corelan Team is not related with or connected to the malware authors, the malware or the 0day.  It is a ridiculous and unfounded allegation.

I can only hope the article will be updated asap and the potentially damaging statement will be removed.

thanks and hugs

Peter Van Eeckhoutte

Founder of Corelan Team.

PS : Mr. Zakorzhevsky : It would have been nice if you had contacted me before posting the article.


Update: Mr. Zakorzhevsky reached out on Twitter, confirmed the string doesn’t mean anything and reported that the line was removed from the article.


© 2014, Corelan Team (corelanc0d3r). All rights reserved.

Related Posts:

Comments are closed.

Corelan Training

We have been teaching our win32 exploit dev classes at various security cons and private companies & organizations since 2011

Check out our schedules page here and sign up for one of our classes now!

Donate

Want to support the Corelan Team community ? Click here to go to our donations page.

Want to donate BTC to Corelan Team?



Your donation will help funding server hosting.

Corelan Team Merchandise

You can support Corelan Team by donating or purchasing items from the official Corelan Team merchandising store.

Protected by Copyscape Web Plagiarism Tool

Corelan on Slack

You can chat with us and our friends on our Slack workspace:

  • Go to our facebook page
  • Browse through the posts and find the invite to Slack
  • Use the invite to access our Slack workspace
  • Categories