Trouble For 29a Virus-Writing Gang as Russian Member is Sentenced

Authorities in Russia have pronounced a member of the notorious international 29A gang guilty of writing viruses.

Eugene Suchkov admitted writing the W32/Stepan and Gastropod viruses, and posting their live code alongside the source code necessary to create new variants on a number of underground virus exchange websites. He was found guilty and fined 3,000 roubles (approximately £57) for his activities, and will now carry a criminal record.

Suchkov, who went by the pseudonym of “Whale”, was a member of the 29A virus writing group which has members based in several countries. Others involved with the gang have names such as “Z0MBiE”, “The Mental Driller” and “Ratter”. The 29A virus writing gang is so-named because “29A” is the hexadecimal for “666”.

“A 3,000 rouble fine is little more than a smacked bottom, but at least Suchkov has been found guilty, indeed it’s encouraging to see the Russian authorities taking action against virus writers,” said Graham Cluley, senior technology consultant for Sophos. “With so many computer criminals based in Russia it’s time to send out a strong message that those who write and distribute viruses have nowhere to hide.”

In an interview with a British internet magazine late in 2003, “Whale” predicted that a future potential playground for virus writers would be Microsoft’s .NET framework.

“Whale” then published articles on the internet earlier this year explaining how a .NET virus could be written.

This has been a bad week for the 29A virus-writing gang. Suchkov’s sentencing comes just days after another member of the 29A gang was in the news.

Last week it was revealed that 29A gang member “Benny”, who claims to have now given up writing viruses, has gained employment writing anti-virus software for a Czech company. Benny, who posts a weblog on the internet and has published photographs of himself online, was said by 29A to have resigned from the malware-writing group yesterday.

“No self-respecting anti-virus company would ever employ a virus writer,” said Cluley. “Besides the horrendous PR problem of trying to explain to customers why you have employed someone who added to the malware problem, there is simply the issue of how could you trust someone who has behaved so immaturely and unethically in the past?”

“With so much information coming into the public domain about the members of the 29A virus-writing gang, maybe the international authorities will be able to investigate further and show 29A the error of their ways,” concluded Cluley.




Share this