Malware authors are trolling security researchers on VirusTotal.com by posting abusing comments

LASER_oneXM

LASER_oneXM

Level 37
Thread author
Verified
Top Poster
Well-known
Feb 4, 2016
2,520
..... and few quotes from the article above:

Malware authors are trolling security researchers on VirusTotal by posting abusing comments, marking their websites as dangerous sites, and voting recently discovered malicious files as "harmless."
The targets of these actions are members of MalwareHunterTeam (MHT), a group of security researchers who hunt down malware as a hobby.
MHT's activity, while helpful for the rest of us, has ruined countless of malware distribution campaigns, which MalwareHunterTeam researchers have uncovered and shared among their peers.
The place where they find, identify and catalog malicious files and malware campaigns is VirusTotal, a service that allows users to scan files and URLs for malicious content.
Unknown to most users is that VirusTotal stores suspicious files for later analysis. This is where MalwareHunterTeam and other security firms come in. They search the VirusTotal database for suspicious files, analyze the payload, and report on it.
While most companies add the newly discovered files to their virus databases, the members of the MalwareHunterTeam publish the bulk of their researcher on Twitter.
This has attracted a lot of attention, both good on bad. The good comes from the pro-bono nature of their work. The bad comes from the big bullseye they've painted on their backs.
Click to expand...


Google, the company that owns VirusTotal, has already banned the accounts posting abusive comments, and many more, according to JamesWT, one of the MalwareHunterTeam members who's faced the brunt of their attacks.

Despite Google's actions, the security researcher expects crooks to sign up for new accounts and continue their vexatious behavior. Nevertheless, the company hasn't yet moved in to ban the accounts that have consistently voted malicious files as harmless, and vice versa, in spite of the overwhelming evidence.
Click to expand...

These actions, which remind us of lame high-school pranks, are just the latest means through which malware authors lash out at security researchers for exposing their activities and will most likely continue as long as security researchers keep fighting the good fight.
Click to expand...
 
  • Like
Reactions: frogboy, Parsh, Xtwillight and 9 others
AtlBo

AtlBo

Level 28
Verified
Top Poster
Content Creator
Well-known
Dec 29, 2014
1,711
Writing malware must be becoming highly pressurized for them to resort to this kind of thing. Attacking VirusTotal seems a little bit for a hacker like telling the enemy one is a spy and to be on guard or like someone telling the police they are going to try to rob a store.
 
  • Like
Reactions: Xtwillight, DardiM, aragornnnn and 3 others
You must log in or register to reply here.

Similar threads

Gandalf_The_Grey
    • +Reputation
    • Like
Cybersecurity firm Sophos impersonated by new SophosEncrypt ransomware
Replies
1
Views
1,455
News Archive
Kongo
Kongo
Gandalf_The_Grey
    • Like
    • +Reputation
Fake zero-day PoC exploits on GitHub push Windows, Linux malware
Replies
1
Views
1,530
News Archive
upnorth
upnorth
LASER_oneXM
    • Like
    • +Reputation
Hackers use new IceBreaker malware to breach gaming companies
Replies
2
Views
513
News Archive
blackice
blackice

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top