Heartbleed Turned Against Cyber Criminals

Rambo Tribble writes: "In a case of 'live by the sword, die by the sword,' researchers have used the now-infamous Heartlbeed bug in OpenSSL to gain access to black-hat forums. A French researcher named Steven K. is quoted as saying, 'The potential of this vulnerability affecting black-hat services is just enormous.' Reportedly, the criminal-minded sites Darkode and Damagelab have already been compromised." In related news, U.S. Cybersecurity Coordinator Michael Daniel posted an article at Whitehouse.gov yesterday reaffirming that the U.S. government had no prior knowledge of Heartbleed. He said, 'We rely on the Internet and connected systems for much of our daily lives. Our economy would not function without them. Our ability to project power abroad would be crippled if we could not depend on them. For these reasons, disclosing vulnerabilities usually makes sense. We need these systems to be secure as much as, if not more so, than everyone else.'