Just a thought... A grey-hat thought....

Cowpipe

Level 16
Thread author
Verified
Well-known
Jun 16, 2014
781
What if 'we', as a malware removal forum began to seed our website with various advertisers known to serve ads to malware. So when the users hijacked browser visits a fake Google results page, our entry "Free Malware Removal Help" is right at the top :p

We could bundle ourselves with InstallCore along with goodness knows what other adware the publisher has included. Our program frequently displays popups asking the user whether they want to remove the adware from their computer, or whether they would like to increase the size of their.. free space?

We can call ourselves UninstallCore ;)

On a more serious note, it's an idea that does have some credibility, at least in theory. Infect users with anti-virus software using old long since patched exploits, the idea being if their security was poor enough to let our anti-virus infect them, they are probably already infected. Drive-by-download some patches and finally melt our executables leaving no trace of the magic UninstallCore fairy.

I seem to recall this has been done before, albeit on a much smaller scale and targeting specific infections. For anyone wondering, this is very much at the heart of grey-hat hacking. Likewise if we developed 0day exploits, sold them to criminals for tons of money then patched them the next day and donated the money to ClamAV or something, this is again grey-hat activity, the least understood of the three 'hats' ;)
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top