Epic Fail by IDA and Eset

Hello!

Today, literally hours ago, the news flew by - a whole set of a long-time tidbit of hackers, carders and crackers appeared in the public - the latest version of the interactive IDA disassembler with all the attached tools.
')
Specifically, unreleased:
Hex-Rays.IDA.Pro.Advanced.v6.1.Windows.incl.Hex-Rays.x86.Decompiler.v1.5.READ.NFO-RDW
Hex-Rays.IDA.Pro.Advanced.SDK.v6.1-RDW
Hex-Rays.IDA.Pro.Advanced.FLAIR.v6.1-RDW
Hex-Rays.IDA.Pro.Advanced.IDS.Utilities.v6.1-RDW
Hex-Rays.IDA.Pro.Advanced.LOADINT.v6.1-RDW
Hex-Rays.IDA.Pro.Advanced.TILIB.v6.1-RDW
Hex-Rays.IDA.Pro.Advanced.v6.1.TVision.v2009b.Source-RDW

The number of links on the web is now growing exponentially.

Well, another face, you ask, and what is there to lay out on Habré in the Information Security section? The whole thing is hidden in the caption, which is given in the title of this article.

Earlier, I wrote about how computer security companies relate to their own security . Now the story is repeated - super-closed in terms of purchase - and Ilfak Gilfanov's super-expensive program “ran away” from Eset, the manufacturer of anti-virus products. Here is what the organizers of the leak say about this in the nfo-file (there is also a Russian section, yes)

This release should serve as a life lesson for those people who consider themselves to be "blue blood" people. He pursues the goal in some way to bring down arrogance, to put these people in place. Show that, besides them, there are other people who should at least be respected, appreciate their work and listen to them (at least listen).

This release is dedicated to one person and one company, who behave asocially, defiantly, arrogantly, are not considered to be with anyone or anything, and therefore it is necessary to conduct a small "educational" work on the part of the community

Let's start in order: man - Ilfak Gilfanov (Ilfak Guilfanov).
I wanted to write a lot, then I thought - it makes no sense.

And therefore, in principle, there is nothing special to tell. Those who are "in the subject" and so everyone knows about this person. It is almost impossible to purchase an IDA for good reason. I described some details in my blog, the 'ida' tag (I don’t provide a link, I’ll find someone who needs it). You can read a little here (only in Russian
lurkmore.ru/Reverse_Engineering#.D0.94.D0.B8.D0.B7.D0.B0.D1.81.D1.81.D0.B5.D0.BC.D0.B1.D0.BB.D0.B5 .D1.80.D1.8B

I apologize to the crackers who were hired by HexRays SA for being in some way affected as well. But your leader, unfortunately, leaves no choice

In December 2007, after Ilfak's unforgettable revelations in the subject www.idapro.ru/forum/viewtopic.php?t=463 , which occurred after the IDA v5.5 warez release, I created the theme www.idapro.ru/forum/viewtopic .php? t = 458 . In it, I laid out some thoughts about the "double standards" by the author of IDA. Just a small example. A short conversation ensued, as a result of which Ilfak behaved absolutely inadequately (in his usual manner) and banned me on the forum. But that is not all. Before banning me, he privately (PM) sent me a message:
================================================= ======
Subject: Out of here
-
I already told you that I was tired of your words.

It seems that you do not understand other words: go away
================================================= ======

I recommend to reconsider their attitude towards people and ways of expressing their thoughts when communicating with them. In any case, at the moment you "reap" exactly what he himself "sowed." I do not lose such things on the brakes.

*** Next: the company - ESET - manufacturer of NOD Antivirus

There is such a proverb: “The cat will tear down the tears of the mouse” (I already voiced it in relation to you in the 2008-2009th years). Now this time has come.

So, the actors from ESET (this is the minimum):

* Juraj Malcho - the main self-satisfied short-sighted character
* Marek Zeman (Customer [Un] Care; zeman@eset.sk)
* Daniel Novomesky (Virus Researcher)

ESET treats software developers (small companies, individual shareware products developers) - like shit, and doesn’t hide it.

The essence of the conflict is also described in my blog on the 'eset', 'nod' tags, but is stated somewhere in the comments, in the discussion (I will not give you any links). In short: instead of learning how to properly detect content protected with TH / WL (first) and VMP files, ESET simply stupidly detected these * always * (Avira-style) security tools. And ESET is a seemingly, technically competent company, really well written code. But such an approach. This is not all.

At one specialized security forum, this company swore and swore that all the shareware developers affected will easily contact ESET, and their programs will be excluded. In fact, this was not at all the case. Undistend rudeness, arrogance, bullying.

ESET killed individual developers and small companies, because those, reliably protecting their products from crackers, lost their customers. Why? Because ESET NOD automatically detects files as malware. Moreover, he did not even let them download from sites! But that's not all, taking into account how the antivirus industry is now organized, it was enough to upload such a file to VirusTotal, how other “little fools” started to detect it, copying the verdict.

The problem grew like a snowball. Due to the fact that users could not download products, developers and companies lost their customer base and real money. Because of this, the developers had to ... abandon the protection used! And there was a chain reaction: the client refuses the shareware program -> the shareware program developer refuses the protection used -> the protection developer loses clients and money. That is, ESET not only killed small companies and individual shareware developers, but also killed the client base and the profits of Oreans Technologies and VMProtect.

Rafael, I know that you had a hard time at the time - this is my small personal gift to you. I know how hard it is for small companies to defend their opinions and in general at least agree on something.

PolyTech, and for you too.

To the entire shareware-developer community - ESET will now get everything it deserves by mocking at you.

ESET, Juraj Malcho: “su podla mna smiesne” - well, how are you still as funny? In Russia we are told: “The one who laughs last is laughing well.” Now you can try to laugh.

Just because you work in a large company with a world name, $ millions in millions, does not mean that you need to be shit and act like shit. People are around you, and you are neither better nor worse than them. It's time to take down the arrogance.

*** Small warning

To avoid any more inadequate actions (for some reason people tend not to learn from their mistakes), I consider it my duty to inform you that tens of thousands of different computers currently have an encrypted binary dataset with some source codes and some more specific data. The principle of work is “to open”. Do not make Kaspersky Lab fail (hello to the "rock climber" and the April-May holidays) or the second Stuxnet

A small (generally painless) confirmation will be demonstrated soon after this release.

Here is such, as it were, information for thought ...