Please take a moment to read, to help share the message and support the initiative to tell our leaders to focus on addressing the global world problems, instead of complaining about the effects of their lack of leadership. Be a leader yourself, and share this with as many people as possible. #demandglobalchange //

Please consider donating:


Corelan Team reply to false allegation made by Kaspersky


A few moments ago, I was informed about an article on and the fact that Corelan Team was mentioned in that post.† Apparently a researcher at Kaspersky Labs found a piece of text ("You have been owned by CorelanX") inside a malware sample and concluded that, due to the mere presence of that string, "It is not impossible that these messages are connected with the Corelan team."

First of all, to make things perfectly clear: Corelan Team, or Corelan GCV, has nothing to do with the 0day or the malware or the people who wrote it.

We strongly condemn any illegal/criminal acts and always have.† This is absolutely clear and is part of our core values, as explained here:† Our reputation is our most valuable asset and "suggestions"/"allegations" such as the one made by Mr. Vyacheslav Zakorzhevsky would most certainly damage that reputation.

The text "You have been owned by CorelanX" is just a string. The malware writers could have put anything they wanted in the malware, or made references to anyone.† Perhaps they even copy/pasted some public payload from a public exploit on exploit-db, or took it from one of our tutorials. Who knows.†

In any case, Corelan Team is not related with or connected to the malware authors, the malware or the 0day.† It is a ridiculous and unfounded allegation.

I can only hope the article will be updated asap and the potentially damaging statement will be removed.

thanks and hugs

Peter Van Eeckhoutte

Founder of Corelan Team.

PS : Mr. Zakorzhevsky : It would have been nice if you had contacted me before posting the article.

Update: Mr. Zakorzhevsky reached out on Twitter, confirmed the string doesn’t mean anything and reported that the line was removed from the article.

© 2014, Corelan Team (corelanc0d3r). All rights reserved.

Related Posts:

Comments are closed.

Corelan Live training

Since 2011, Corelan GCV has been teaching live win32 exploit dev classes at various security cons and private companies & organizations.

You can read more about the training and schedules here

Demand Global Change

The world needs your help !

Please take a few moments to read the "Demand Global Change Call For Action" document at
Read the full document at and share the message with as many people as possible.

Like the Facebook page, and SHARE it with everyone you know.


Want to support the Corelan Team community ? Click here to go to our donations page.

Want to donate BTC to Corelan Team?

Your donation will help funding server hosting.

Protected by Copyscape Web Plagiarism Tool

Corelan Team Merchandise

You can support Corelan Team by donating or purchasing items from the official Corelan Team merchandising store.

Corelan on IRC

You can chat with us and our friends on #corelan (freenode IRC)