back to article FireEye intern nailed in Darkode downfall was VXer, say the Feds

A former intern at security company FireEye has been arrested for creating and selling the slick and sophisticated Dendroid malware program after being caught in a global police sting that obliterated the Darkode cybercrime forum. Prosecutors say that Morgan Culbertson, 20, of Pittsburgh, was most recently working as a …

  1. Sir Runcible Spoon

    "22 Year old Victorian"

    I take it there was no mention of them confiscatiing his time machine?

  2. Archie Woodnuts

    I don't normally indulge but

    "one of the most gravest threats"

    The most gravest. I mean really.


    Yet more gibberish...

    "who included four Britons netted from 20 countries." - sound messy.

    1. Elmer Phud

      Re: Yet more gibberish...

      I was also puzzling about that.

      Only able to find 4 Brits, having searched 20 countries?

      1. Mephistro

        Re: Yet more gibberish...

        I thought that either the Britons involved were very big or the countries were really small. Glad to see I was wrong.

  4. chris swain


    Perhaps it might be unwise to use interns in security-critical businesses? Even if it was a paid internship I suspect the pay and employment benefits stacked up badly against full time employees and the guy knows he's out of work in twelve weeks anyway. Not to say that what he did was okay but if using an intern was a low cost option for the company then they only have themselves to blame. They wouldn't outsource this sort of thing to China, why pass it off to someone with no inherent loyalty?

    1. MissingSecurity

      Re: Internships

      That's a little disingenuous. The kid had the smarts to build a C&C infrastructure for mobile malware so it's not like they hired a slouch to come in and do security. If your thought was, "

      they should have hired a full time more experienced person", I'd say you are severely overestimating the talents of the general Information Security populace.

      In my experience, IS teams are mostly made up of Book Smarts, people who understand the theory, the terminology, and the concepts (they are intelligent people), but few actually have the ability to adapt to persistent threats, and adapt their companies to it.

      Shit, 50% of them I've met think they can put down programming skills on their resume because they can write"SELECT * FROM users;" I think it why IS is in such "demand" right now.

      1. chris swain

        Re: Internships

        MissingSecurity I fully agree with you but I made no point about experience and have little doubt as to his skills. I'd have given him a proper job with a career development path built in 'cause he's obviously good and I'd want him on my side.

        1. oneeye

          Re: Internships

          Fireeye stated that they were "removing him from any future consideration" which tells me they very well could have offered him a job after graduation. Or maybe he turned them down,thinking crime pays better?

  5. TheOtherHobbes
    1. Roo


      "Wouldn't outsource to China? Er..."

      Thanks for that link. Minimum wage seems to trump security every time...

  6. Measurer

    ....and in other news

    Quis custodiet ipsos custodies

    Self perpetuating industry


    1. mhenriday

      Re: ....and in other news

      In particular «FireEye», which is a past master at attributing hacks to just those entities to which its masters want them attributed.... ;-)

  7. Dan Paul

    Who watches the watchers?

    IMHO, the people and companies that produce antivirus and antimalware software should be one of the first places to look into when there are virus' that don't get picked up by AV or AM software.

    Their employees certainly have the qualifications to produce the worst undetectable virus' and malware possible and they can do it while hiding behind legitimate reasons for possession of hacking tools and virus'.

    The EX-employees should definitely "Expect the Inquisition" as they now have motive to create and sell the bad stuff to show up their ex employer.

    The closer the company is located to known hubs of illegal hacking activity, the more they should be suspect.

  8. Mark 85

    Make me wonder...

    How many others are double-agents as such? He's fighting malware and using what he's learn to create it and vice versa. I do wonder if there's more of this than is public (for some value of public) knowledge? Is it that the miscreants haven't been caught yet? Or is it that they are known to the companies that employ them? This seems to be a very murky business in many ways.

  9. Matt Bryant Silver badge
    Big Brother

    Hey, wannabes, did you take note?

    All the wannabe black hats and script kiddies should read and take note - Morgan Culbertson is probably much more intelligent and skilled than you'll ever be, but he got caught. Go find something useful to do instead.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like