What I think of Malware, how it should be handled by new users.

NullPointerException

Level 12
Thread author
Verified
Aug 25, 2014
580
Malware -
  1. software that is intended to damage or disable computers and computer systems.
Those folks at Oxford think it's simple. Isn't it?
A reverse-engineer defines it as ...
"1. Malicious software that is generally used to hack computers, typically for banking purpose"
A programmer defines it as...
"1. It is a program that is heavily aided by the stupidity of users.
2. Vulnerability sucks"
A debugger defines it as...
"1. Is it my mistake? I hope not"
An end user defines it as...
"1. What is the best antivirus?"
A computer scientist defines it as...
"[image: obfuscated_names.png]"
Good-type of hackers define it as...
"1. Hacked
2. Lulz at your security
3. TROLOLOLOL"

You see, friends, that it varies how people see the word, 'malware'. Now, I assume you're an experienced malware-removal-expert. Our voluntary jobs seem difficult to keep up with. The end users are often not too savvy and often we need to re-explain our two-thousand character reply. They do not have the basic understanding of malware, often times they just say "help something went wrong". Sometimes they're infected with adware, and sometimes they're infected with a RAT. It all varies.

In my opinion, malware is too complicated and it is ever-growing. Groups like Anonymous and LulzSec are rare. And even those two groups are loosely associated, they're too loosely organized. They try to fight the govt, but I don't see a Russian govt site down these days. Those groups pose no harm to us, the end users of the Internet, "The hate machine, the love machine, the machine powered by many machines".

But, of course, most "black hat" hackers' job is to create destructive software. Their job is to earn as many stolen Bitcoins as possible. Not only Bitcoin, factually, but our credit cards, our identities, our mobile and even our privacy. You see, antivirus devs are lacking compared to the sheer number of "black hat" hackers. What is really bad is the illiteracy in computer science among users. Most professional non-computer engineers cannot answer any programming, engineering or virtual questions about computer science. And that's what they learnt, until third year...

Many new users install multiple antiviruses without the proper settings. By 'proper settings', I mean proper process exclusions, proper HIPS/BB/Firewall settings. They often face a BSOD. Then they come to computer repair forums, and are taught computer science's techniques. That is too slow. Too slow. It takes days and perhaps even weeks to repair their computers (I've experienced trying to help them myself), and they barely read the red text in most cases after their computer is finished repairing.

Norton antivirus is still infamous over YouTube. People still believe that Norton is "slow" and "sluggish", a "resource-hogger", as "it was in 2006". That antivirus is really good, but not my type actually. Do I recommend it? I do. But whenever I recommend it over YouTube (by replying to comments and correcting the original poster's facts), they just scorn me, telling me that I am a "script kiddy". I'd facepalm if I could, but that'd hurt my face and my eyes. Even among some computer scientists, Java is considered "dead", it is considered slow. As it was "before Java 5", do they know that Java 8 has already been released?

Their knowledge is not up-to-date. Similar is our knowledge. When we review an AV, we should make sure we test all of its components. Things might not be as they were in previous versions. Or in 2002. In some aspects, it goes for malware also. Assuming you're a reverse-engineer, you already know that new malware in-the-wild means new code to test. But how sure are you that the latest version was released two months ago? What if the new, undetected version was released just a week ago? We should keep our knowledge up to date.

As for the not-so-tech users, be aware of what you install.
No, I am serious. That alone can prevent about sixty-five percent of problems. For example...

Jim wanted to download AVG antivirus. He clicked on Google's first yellow link, assuming a multi-mega corporation like Google wouldn't fail him. He, two hours later, ended up with lots of porn.

Well, not a good example. But that does it, I think. You try for software A, click on link B, get installer C, which in turn installs D, that triggers reaction E... Do not just click "next", do actually read the license agreement. You might not be an advocate and might not enjoy hundreds-of-lines of capitalized "HERE, WE, US, ("WWW.SOMEONE.COM")", but it helps.

I hope that one day, malware will be destroyed. I can hope, can't I?

It doesn't matter if you're a total noob when it comes to computers, following simple statements provided by end users can save you millions of dollars. Literally.
 

TIA

Level 1
Verified
Aug 21, 2014
25
That really gets down to the basics doesn't it?... we don't know anything at all!
And if the inevitable strikes, we run to people like you.
And later when we are all clean & healthy again, we never give you another thought.
At least a good percentage don't.

It's funny that I was just about to post something (which I will do in a second) and it mentions my need to learn myself!
I can't let this happen to me again as it has been so disruptive. And the only way to ensure it doesn't happen again .. is to teach myself.

I have to try to solve most of it on my own to then see where I'm going wrong and then ask for more advice.
I don't want to run back here every time I'm stupid enough to let my computer down again.

Really well written .. and it makes you think.....
 

NullPointerException

Thank you.

Do learn! I read programming, architecture books at the age of thirteen. Why cannot you? Read almost everything you can get your hands on. Buzzwords like mapping, sets, threads, strings, obfuscating, event-handlers, observer patterns etc. start to make sense as you read books about computer science. I do admit we lack real computer science books (instead, most 'computer science' books are about programming, not about the inner structure of a motherboard, structure of a keyboard etc.), but after reading programming books and mastering at least one language, you're able to understand books like Windows Internals, which truly describe Windows' functions.

There's nothing wrong with being infected. What I am saying is that you should take precautions and increase your knowledge. If I was in this forum's malware removal team, I'd have assisted you. I last got infected by a RAT 10 years ago. Really, do read books, I doubt Bill Gates ever got infected with malware in the last five years.
 
Deleted member 178

Bill Gates doesn't use "Windows", he uses "Gates", a unique OS that only he uses :D

You forgot one category :

The security forum advanced user, it is the sum of all others ^^

"Malwares are softwares intended to hack/disable your computer, via sucky vulnerabilities mostly for banking purposes aided by your stupid mistakes and lack of understanding of those strings of code so lulz at your security ! Good luck to find the best Antivirus Trololol ! "

Personally I am a Symantec EP user and proud of it ^^
 

NullPointerException

Haha. :) Symantec is an extremely fine antivirus, but it has too many features. ESET is simple, clean and efficient. But to each, its own. :)
 

Nico@FMA

Level 27
Verified
May 11, 2013
1,687
Groups like Anonymous and LulzSec are multi million "hacktivist" groups that fight censorship, globalization and dictatorial regime types. Also they intend to fight governmental and semi-military security and surveillance dominance, however down the line these examples are just means to an end.
They target anyone they can if need be, yet CNN reports lots of events, but events from China and Russia and other "shady" regimes are not reported yet it does not mean they are not a target by these groups.
Take my word for it, Russia, Iran, Brazil and China just to name a few have their hands full with these groups.

Both groups and others have been linked and are directly and indirectly responsible for 70% of all damages done to computers in the past 3 years.
Due to my work and the connections that come along with it, I do have pretty good knowledge and even know people associated with these groups, and while they are a group flying under one banner they are in essence solo guys and tac teams that are hired for a specific job or due to their expertise.
However there are loads of wannabe "anno/lul" self-proclaimed members and yes they are not organized and not regulated by any means.
That being said Anno and Lulz are both very dedicated groups with a multimillion dollar cash flow and connections throughout the whole world, and there are more groups like that who are even more dedicated and more advanced than the 2 mentioned groups, yet the 2 above appear to be the most visible for the moment so everyone knows about them.
But groups (see a small wiki list) around the world operate more silently.

Now for the sake of argument I will say that if anyone can arrest these people then please do so as most of them are criminals to the bone and it would be a good riddance.
However there are key individuals and smaller groups that have GREAT value and act as a counter balance to global surveillance and as such they do a good job.
Also something else which is important to note is that the objectives by these groups are in most cases not that bad, it's just the way how they achieve things is questionable at best.
Anyway to get back at what I was saying is that you seriously underestimate these groups and what they can do, but more importantly these groups have more money to spend due to their world wide scamming business than some smaller EU rich nations.

And from a US government POV with its HUGE budget they realize that while they have ample capacity and high tech systems to monitor the rest of the world, willingly and unwillingly they cannot fight these groups head on.
Most of these groups have so much technological quality that they can cripple a nation's economy within days.
A year ago some banks in the US got hit and it cost Wall Street billions of dollars and this was being done by just 5 middle class ranked hacktivists, so imagine if these groups bundle their forces and specifically target US vital economy systems.
As you can see this is a MAJOR concern, and if the western world is keeping up with what they are doing surveillance wise then it is believed by many experts around the world that these groups will start making waves.

And one may form an opinion about it either good or bad, but as long as the Internet has been around it has been proven that a dedicated hacker can be a ghost and usually only gets arrested by his own lips.
Loose lips sink ships...

But the true hackers around the world run hula hoops around NSA related organizations as has been proven time after time after time.
And to these groups the Internet is the only way to make a fist against everything they do not like... So they are hell-bent to defend that..

Just saying.
Anyway nice post dude.+1
 

NullPointerException

Thank you.

I know that there is a wrong side of every mortal. But at least they fight the wrong government decisions, while nonetheless they cripple them and -- that is their only mission -- most of their work is noble. I hate SEA, and I hate its political views. While Anonymous, I think, tried to fight them, in the end both of them got tried and basically just said "scratch that" and have been silent about private views ever since.

Syria's current condition is hell, I know. But that doesn't mean the group should support its own country's slaughter. I am an Indian by birth, I'm a little too negative about it, but I wouldn't like if an Indian hacktivist group supported its own civil war on the wrong side. Now, politics aside, Anonymous and LulzSec have mostly done a good job. While I know they hacked a fourteen year old's website and trolled him and his family, they did it for the lulz, and because they believed in freedom of speech. LulzSec's leaving speech was rather emotional, and I think those guys just wanted to have a better internet and overall a better society.

They do have the power, but they barely misuse it. SEA does misuse it, but the recent GhostNet guy did the right thing, he didn't misuse his knowledge. It's like, you know, having the President title to a multi-national multi-billion dollar company. If things are going out of hand of you and your customers, you can always fire the evil people or shut down the company. The government must know that it is democracy, not monarchy or bureaucracy. We are the people, we should deserve the power.
 

Cowpipe

Level 16
Verified
Well-known
Jun 16, 2014
781
When I was in the scene, it was about status and attacking rival groups. Why did you attack a rival group? Partly for fun but at the same time there was usually something about them you didn't like. I once teamed up with another guy to hack Cal Leeming because we thought he was an obnoxious moron who frequently overstated his talents in chatrooms. In truth, we were just as obnoxious when we created malware with exotic encryption functions and stupidly complicated and optimized infection routines to show off our coding skills, attaching big bright banners to them to really stick it in people's faces, or sometimes going stealthy, revelling in the fact we could infect users without their knowledge.

Soon the scene began to change and it became about money and I watched as the oldtimers like myself grew less and less in number, some choosing to devote their skills to hire (as I eventually did myself), some selling malware underground. I remained good friends with the coder of a popular RAT which I won't name here, until about a year ago. He made a healthy living off it, enough to frequently hire botnets to carry out DDOS attacks on whatever targets annoyed him that day.

I guess the reason why I'm here on MalwareTips today, on the good guys side is because I became so disillusioned with what hacking and malware writing had become. I mean to me personally, there is a difference between "virus" and "malware". Virus to me reminds me of showing off, coding prowess and skill, whereas malware is just a blunt soulless instrument for making money.

Apologies for the old-timer kind of rant but that's my viewpoint anyway
 

NullPointerException

True. I like to 'hack' my old high school friends' accounts too, just so I can have some lulz. Obviously I don't mean any harm to their PCs, or their Facebook. The worst, most destructive and most complicated virus I've ever made, just for the lulz, was a ransomware, although I didn't encrypt it, because I never let it outside my own PC. Why would I do that? Because I am not a hacker, I am just a computer scientist.

I understand that in the 70's and the 80's, 'virus' was meant as a means to a prank. Most of the viruses were made by 'hackers' who were teenagers looking to prank their teachers or troll someone. But now, "virus" is a grave crime, for obvious reasons. Why did I choose the good side too? Because more stable money, more secure living, more now-I-can-finally-sleep-at-night moments, more thank yous and more respect from society.

Sometimes I love to show my skills too, but let's not forget that once all legendary computer scientists were n00bs. When they got their hands on their first computer, they did not know what programming is. Let's be humble, because no matter how great we are, we were inspired by someone, and once we too were n00bs.
 

TIA

I have always been slightly intrigued by the 'Hacker', I could understand the fascination in what they do but not 'the why' they do it. (I really didn't know about the money that could be involved)

My friend's young boy has always locked himself away on his computer, since the first day I gave him an old one of mine (when he was about 11 yrs old).
He was such a shy lad and sadly ridiculed at school ... he is now 20 years old and a loner and his Mother was worried so I had a quick word with him and just said: "Is my handsome 'God Son' locked away because he is into hacking?"
His answer was straight from the heart when he said "I'm good at it, I never do any harm, but I'm good at it"

Good enough for me and good to know that they do good too ... especially on here! :)
 

NullPointerException

Tell him to keep up the good work, because somewhere in the world, people like me support him.
 

Cowpipe

You tell him that if he comes on to MalwareTips and sends Cowpipe a PM, I'll be glad to help him out. I started out exactly like him, long days locked away in my room, reading through code and such ;)
 

TIA

Thank you both, I think he might be really chuffed to read some encouragement .. thank you!!!
 
Deleted member 178

I have used computers for so long that I should/could be a hacker, but I am not because I preferred playing video games to reading code :D
 