Wherez it at?? HBGary Response

February 15, 2011

Private: The True Origins of Malware DNA

February 14, 2011

 Here is the link to my original presentation  

Here are my prior posting on the concept of Malware DNA

Post 1 Post 2 Post 3 Post 4 Post 5 Post 6 Post 7

The rest has been redacted due to a DCMA complaint filed to have the information removed. 


We received a valid DMCA Notice ( ) for the following material found on your blog:


If you do not have the legal rights to distribute the file/content/material, you are required to delete the post(s) and let us know when this has been done. The removal will then be verified, and the blog will be returned to normal.

Republishing the content without permission of its copyright holder – or continuing to publish material that results in DMCA notices – will result in a permanent blog suspension. Publishing such material is a direct violation of our Terms of Service ( ).

If you wish to formally challenge this DMCA notice, we will be happy to provide you with the details you need.



> The information has been removed, thanks for your quick response.  If
> possible, could you please set the post to public and reenable my posting
> abilities.

You are now able to access your dashboard and edit the postings as usual.

> Additionally, do I have the right to be given the information on who
> submitted the complaint and the reason for concern?  The content I posted
> was copied from open Internet resources that can be found in multiple
> places.

Yes, you absolutely have that right. Here is the DMCA notice that we received:


> > This law firm represents HBGary, Inc. One of the websites you are hosting,
> > http://conanthedestroyer.net/2011/02/14/the-true-origins-of-malware-dna/  is
> > being used to distribute confidential trade secrets and copyrighted works that have been misappropriated from HBGary as part of a well-publicized criminal intrusion into their network. The stolen works and trade secrets at issue consist of emails posted as images and a link providing access to a database containing additional stolen email hosted on http://conanthedestroyer.net/2011/02/14/the-true-origins-of-malware-dna/ .
> >
> > In accordance with the DMCA notice requirements, we have a good faith belief that use of the copyrighted materials described above as allegedly infringing is not authorized by the HBGary, its agents, or the law. I swear, under
> > penalty of perjury, that the information in the notification is accurate and that I am authorized to act on behalf of HBGary, Inc., the rightful copyright holder.
> >
> > We trust that Layered Technologies does not support the use of its servers to facilitate misappropriation of trade secrets and copyright infringement and that you are committed to prohibiting this unlawful activity as part of your Terms of Service. Accordingly, we request your assistance in immediately taking down this site and preserving any logs or account information you may have associated with this site. Please let me know as soon as possible once you have received this message. I may be reached at the email address above. Thank you in advance for your prompt cooperation.
> >
> > Sincerely yours,
> >
> > Leota Bates
> >
> > [cid:[email protected]]
> >
> > Leota L. Bates
> > Zwillinger Genetski LLP
> > 1705 N. Street, NW
> > Washington, D.C. 20036
> >
> > (202) 706-5209 (direct)
> > (202) 296-3585 (main office)
> >
> >



ATTN: Leota L. Bates

I would like to request that you client substantiate that they have existing, and relevant established Prior Art on the concept of Malware DNA as stated by them as based on their collaborative work with McAfee dating back to 2006.  The recent incidents involving HBGarys loss of intellectual capital, while unfortunate, give credible credence that the aforementioned verbal affirmations that they have established prior work in this field prior to Sept 2008 remain unsubstantiated and open to considerable doubt, and cloud all previous communications on this subject with suspiciousness.  I acknowledge that in the field of technical development and research there are legitimate independent parallel discoveries and innovations and it is this issue I am trying to verify.  Proof of your clients previous work substantiating claims that they indeed worked on the Malware DNA concept and not some unrelated technical research area in malware would put these issues to rest.  I respectfully request that your clients clear the air of this issue so that they may continue reconstitute after such significant data breach. 

It is within my right, to challenge the assertions made by your client as the SOLE innovator and creator of this technology, when I have concrete knowledge that my research was shared and divulged to his company approximately 30 days before any significant developments in code were made, that were integrated as a key component in their flagship product.  The statements by your client that they had developed this research completely on their own without any outside support or funding contradicts what was verbally stated to multiple parties in their communications as well as to outside parties, and conflicts to any previous statements that this research was developed as a result of a collaborative and possibly funded effort with McAfee.

I look for to clearing the air on this issue in an open, friendly and timely fashion.

I can certainly provide a timeline of my research and examples if you would like to review them. 


2 Responses to “Wherez it at?? HBGary Response”

  1. Phil Young said

    So this was sad, I liked the previous writeup but I have a question.

    If HBGary is supposing that the emails have been altered by Anonymous then they have no DMCA claim since it’s not their copyright to enforce (It would be Anonymous’ copyright).

    On the other hand, if they are enforcing the DMCA then they’re basically saying that those emails are unaltered and are HBGary copyright.

    Here’s a BBC article claiming they’ve been altered.

  2. Faye said

    I was thinking the same as Phil Young above. HBGary have already publicly said that they were altered so they’d better make up their minds!

    Excellent article. Very worrying. Very worrying indeed.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s


Get every new post delivered to your Inbox.

%d bloggers like this: