Source Code Club: Hacker Hoax or Cisco Headache?

The Source Code Club is back in business, if you can call it that. Theanonymous hacker group began peddling proprietary source code last July, disappeared, and now has reemerged with a bargain basement deal of US$24,000 for the source code for Cisco’s Pix security firewall.

“SCC is proud to announce the general availability of Cisco Pix 6.3.1 source code. This release is significant because Pix is vital to the security of many ultra-secure networks,” read a Google group posting marked as a Source Code Club newsletter.

Source Code Club organizers gave no word as to where or how they got the code. Cisco Pix 6.3.1 source code, however, is an older version of the product. Version 6.3.4 was released in July.

Poor Marketing Strategy

Ken Dunham, the director of malicious code research at iDefense, a Reston, Virginia-based threat-intelligence firm, told the E-Commerce Times that the Source Code Club is probably a hoax.

“Either these guys are just making noise to get attention and have fun behind the scenes or they are legitimately attempting to make money off of illicit goods,” Dunham said. “It could be a little of both.”

In any case, Dunham said even if the Source Code Club does have Cisco code, the hacker group has a poor marketing strategy. Underground sales channels would be a safer route, he said.

Source Code Club’s last attempt at cashing in on other people’s intellectual property targeted Enterasys Network’s Dragon intrusion detection system, which it offered for $16,000, and Napster’s client and server software for $10,000.

While the Source Code Club may be a hoax, Dunham said it is possible that Cisco’s source code was leaked or otherwise hacked.

Criminal Hacking

“For the last six to 18 months, we’ve had a dramatic increase in thecriminalization of underground operations,” he said. “We’ve moved away from script kitties for fun types of attacks and into organized criminals and sophisticated criminal attacks on the Internet at large.”

The Source Code Club claims to keep buyer and seller identity’s secret by conducting business via encrypted e-mail. The hackers are even launching customer loyalty initiatives.

The newsletter offers a “buyer incentive” to people who purchase one full set of source code. The first purchase enrolls customers as private members, which gives them access to additional sources of code.

Cisco did not return calls seeking comment