Write a virus, win some bucks...
Results 1 to 7 of 7

Thread: Write a virus, win some bucks...

  1. #1
    Old Fart
    Join Date
    Jun 2002
    Posts
    1,658

    Write a virus, win some bucks...

    A small British e-mail company is lining itself up for a possible challenge by inviting Internet users to break into its product.

    Avecho has offered $18,056 (10,000 pounds) to anyone who can sneak a virus past its GlassWall product, and it has even opened up the challenge to its developers.

    "Lots of people have already tried to do this," said Mark Elliott, vice president of international marketing for Avecho. "I think this is something we are able to do. The only condition is that people must be willing for us to publicize their failure as well as their success."

    In order to take part, contestants need to sign up for an Avecho e-mail account and then send a virus to that address or try to receive one from it. If the virus gets through, the contestant will win the prize, Elliott said
    Read more here.

    OK kiddies...step up the the plate and take a swing!!!
    Al
    It isn't paranoia when you KNOW they're out to get you...

  2. #2
    Banned
    Join Date
    Jul 2001
    Posts
    1,100
    Greetings:

    Personally, encouraging people to write clever and innovative new viruses isn't something I think an AntiVirus company should be doing...

    This just SCREAMS of being unethical, and would be like a pharmaceutical company challenging people to attempt to genetically alter bacteria to be resistant to its newest antibiotic.

    Shame on them and their cheap publicity stunt!

  3. #3
    Senior Member
    Join Date
    Jan 2003
    Posts
    3,914
    Hey Hey,

    While I agree that it's a shameless publicity stunt, I think having that much faith in your product is quite admirable... I don't think most AV vendors would have nearly enough faith to put money up against their products...

    I'm kind of curious about how they define a virus... You have to send the virus to or from the account... What if I triple tar, gzip, bzip2, zip, rar and then ace the file with passwords in the mix and then name it .txt or something simple... I doubt their software would find it... not that the other side would ever open it but I doubt that they'd catch it... Then again what if I used blat and a batch file with a for loop.. it deleted random files, then started the for loop... emailed itself to 1@somevariable.com 2@somevariable.com 3@somevariable.com .... etc.. Would either of those count as viruses... because they're fairly simple... not overly damaging and I'm willing to bet that they'd pass through the system.

    I may have to sign up for an account to try it out.

    Peace,
    HT
    IT Blog: .:Computer Defense:.
    PnCHd (Pronounced Pinched): Acronym - Point 'n Click Hacked. As in: "That website was pinched" or "The skiddie pinched my computer because I forgot to patch".

  4. #4
    Old Fart
    Join Date
    Jun 2002
    Posts
    1,658
    Originally posted here by JP
    Greetings:

    Personally, encouraging people to write clever and innovative new viruses isn't something I think an AntiVirus company should be doing...

    This just SCREAMS of being unethical, and would be like a pharmaceutical company challenging people to attempt to genetically alter bacteria to be resistant to its newest antibiotic.

    Shame on them and their cheap publicity stunt!
    Good points JP...but given the current climate, I figured they were just phishing for new talent and the 18 grand was a signon bonus for whoever submits the best resume'...
    Al
    It isn't paranoia when you KNOW they're out to get you...

  5. #5
    Senior Member
    Join Date
    Nov 2001
    Posts
    1,255
    HT, instead of using standard packing utilities, just encrypt the virus inside a self-extractor that includes an inline key. When the extractor is run, it decrypts the virus using said key, and then executes the virus. I would bet there are probably further restrictions on what they deem to be a prize winner. Probably along the lines of "you must be using a vulnerable version of OE, and exploit one of its many vulnerabilities" type of thing. My thoughts are they would be discussing automated viruses, not the click-to-execute style.
    Chris Shepherd
    The Nelson-Shepherd cutoff: The point at which you realise someone is an idiot while trying to help them.
    \"Well as far as the spelling, I speak fluently both your native languages. Do you even can try spell mine ?\" -- Failed Insult
    Is your whole family retarded, or did they just catch it from you?

  6. #6
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197
    I have $5 says that if the thing is encrypted, packed and passworded or whatever their system blocks it by default and quarantines it or deletes it.

    It's what my firewall does for me right now. Anything that comes in via SMTP that has an attachment that could pose a threat gets removed... period. Then the remainder of the message is scanned for word docs, excels files etc. containing macro viruses or whatever. Then it gets scanned again at the internal mail servers..... If it's clean it gets delivered.
    Don\'t SYN us.... We\'ll SYN you.....
    \"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides

  7. #7
    Senior Member
    Join Date
    Jul 2003
    Posts
    813
    I wonder if social engineering counts... maybe somebody could get SubSeven 1.0 on the inside and circumvent their protection because someone came in with a floppy

    Of course most AVs wouldn't allow for that. And it seems like a publicity stunt, yes, but nonetheless if new virii signatures appear that would require other AVs to have updates downloaded, and this product can hold on [with some form of advanced heuristic detection and prevention code] then they stole the market... as far as they're concerned it works for them.

    But I guess a wave of malware should be expected for Christmas.
    /\\

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •