Tuesday, August 28, 2012

The rise of "#MalwareMustDie!"

Malware and its evolution have become a continuous threat to the internet and the computer industry. We have now reached the stage where we must admit that the malware "industry" is actually in a winning position, persisting through this 15+ year historical fight by continuing to infect and compromise us and to lurk among us to further implement its evil scheme, and by now turning its "badness" into a "bad" business-like activity.

Malware is seriously affecting our road toward improving the internet and IT technology. Day by day, good people in the security field analyze new malware and mitigate further infection by strengthening the victims' preventive and defensive layers. Yet malware, driven by the blind lust and greed of its actors and supported by the low risk of legal consequences, manages to grow exponentially and is becoming unstoppable, evolving its technology for one single purpose: to aim for more victims and more money.

This malicious software is now growing in a large number of variants and at a fast pace of infection, as one of the schemes to evade the filtration, detection and mitigation of the defensive layers. Yes, malware bad actors push their badness within the lag time before a new mitigation signature is released, to gain as many infections as possible. The actors have evolved from criminals and mischievous skiddies to state sponsors, and now even militant movements are using malware. Not to mention the legitimization of spyware and hacking tools that we see every day.

There are questions that really need to be answered now: "why" and "since when" did we start to think and accept that fighting malware is a "Never Ending" effort? An endless dilemma? Why is this crime unstoppable and growing wild?

Malware has now officially become a modern form of "online" crime tool, used with aggressive, tireless and persistent effort that can be very systematic and organized in its arrangement. The users range from cyber criminal organizations that sell victims' credentials on the internet black market, to bunches of crooks who aim to steal data and remotely log victims' computers, to hacktivists eager to infect the internet of things and turn it into huge, powerful traffic-flooding cannons, to entities that use it to spy on individuals, to groups of extortionists with support schemes who aim for ransom after successfully locking a victim's system.

Malware does not only have bad effects such as abusing, exploiting and harassing internet users with every obsolete scheme, through every chance its actors can get for its distribution; it is also ruining our moral values (e.g. some malware "methodology" is starting to be used "legally" against privacy rights). Some people are okay with accepting things we never thought would happen, for example: being advised to pay for ransomware instead of ceasing to support the bad actors who made it by paying ransoms, using a keylogger to spy on your spouse, spreading a botnet for whatever purpose you want to legitimize, etc.

The other fact we have to admit is that malware actors can learn, and they always make an effort to cover their traces to avoid evidence collection. They are capable of this by utilizing their own budget, manpower and knowledge and, furthermore, coordinated efforts. So right now, to stop one malware threat, law enforcement agencies have to coordinate and cooperate globally with several security entities, which is obviously costly and hard. Yet it is still impossible to stop this badness at the root.

Cyber crime is now highly profitable and far less risky than real-life crime. This has left cyber criminals with the lowest rate of facing consequences for the badness they are doing. In September 2014, Europol released a report that warned that traditional gangs are increasingly turning to cybercrime for the above reasons.

The thing about our beloved current internet scheme is that a person, whether a good guy or a bad guy, can use an internet connection "on-the-fly", connect to any machine in any place and to any people he wants, and perform some "activities". But when you have to handle a case of abuse or an incident, specifically one related to a malware infection and its actors, you will bump into walls of boundaries, starting from service terms, domain names and territorial/regional regulation and law and, in the end, politics. This makes stopping efforts and takedowns a big issue now. One crook can easily start a badness, buy a bulk of domains for that purpose, and get away once he feels he has had enough, but the others cannot stop that badness as easily and as fast as that bad actor in order to prevent the victimization. Victims will fall. Further, if this process is eventually combined with regular law enforcement steps, the actors will be long gone. Unfortunately, this is the current fact; let's face it.

Malware coders and cyber crime actors are also learning much more about security exploitation technology than we are; it is their lifestyle to do so. This has been proven by their coordinated efforts to keep up with every piece of vulnerability information, for both internet server and client vectors. They camouflage their real identity as malware coders or actors and join security communities in order to get the latest exploitation information to use for their bad purposes. Their infection methods are improving too, through R&D exchange between criminals in their "dark side" forums. The bad guys teach each other with e-books and tutorials, and they also lurk among the good guys to learn some more. So they are getting better and better, and currently a few of them can actually develop a new zero-day exploit for the purpose of making a big hit of infection. This is also a current fact.

For the bad actors, this is all about money. Nothing personal; it started from a simple economic motive. By honest living they cannot get as much as they gain by using malware. They don't want to get arrested for the malware they use, so they support more people and more malware at different distribution scales to join the jungle of infection schemes. They urge fellow hackers to use more bad traffic services, to sell more loads and to promote more exploit kits, with the promise of easy, good money. Hiring good coders for their malware is also one of their strategies. It's no wonder that some actors who have survived for so long have now become clever and rich enough to have big influence in their bad-world community.

On the other hand, let's look at our side, the good people. Our malware fighting effort is now actually scattered among groups, organizations and entities. People yell OPSEC here and there. Threat information is becoming a commodity in the security industry. Victims are becoming weak in their security common sense, for there are so many tools to be bought and used that all they can do now is trust security marketing and its products. This situation is nobody's fault. It is just the fact, the way things are now, and something we need to improve, but frankly, it is not a winning stand against the rapid growth of malware.

What we actually need now is a better scheme to match the speed of the malware threat, to make the "fight" between good and bad a fair field and put things under good control. The internet is more and more becoming a real aspect of our lives, not a zoo, and it was never meant to be built as a zoo either. Realizing the situation, what we can do to improve it is to start giving our hands and dedication to threat research, to spend a few hours of our time learning or helping others, and to do anything we can to help the situation improve. Anything that can improve the situation is worth helping with. Raising threat awareness, reporting a malicious threat that has not been seen until now, or furthermore, maybe some intelligence: these will help bring the expected improvement. Sadly, there are still not many people doing these things.

Now, this malware comes every day in your emails, in your hacked sites, in your compromised internet services, in your internet of things. It is targeting us directly. If not all people connected to the internet take a stand against malware, then nobody will, and there is no way we can ever take a winning stand against this threat, for sure.

In order to help fix the situation, a bunch of engineers and security researchers on Twitter are starting the "MalwareMustDie" volunteer campaign to raise people's awareness of malware threat issues. For those who want to get involved in the effort to reduce malware damage, this is just one available option for you. Feel no more fear; you can gather to be straightforward in opposing malware together! The malware threat cannot be conquered by a small number of individuals, which is why your effort always helps. Let us gather strength and help each other learn to fight it.

Malware and its crime schemes were a "taboo" topic on the internet, so a lot of common internet users don't really know what is going on out there. So we are starting to do what we can to raise threat awareness and educate their security common sense, through technical disclosure on malware that is as detailed as possible and as easy to follow as it can be made. We investigate the sources of infections and their malicious schemes for you, and provide crime evidence information to the authorities. We are jumping to the front line to face cyber crime directly, right on its home ground, in order to disclose the bad actors behind malware distribution for you to know. It is all for you, to help inspire the authorities and the law to act directly against it.

We need your help. If you think what we are doing is right, please support this movement. Reading and learning about malware to educate yourself is a good start, and joining a trusted security community group is also a way. Learning further yourself, so that you know how to prevent infection and can teach others to protect themselves better, is a step forward.
Or perhaps you can do more, by helping to turn off their infection machines from the internet faster. Let us do whatever we can to improve our situation against the badness online.

Let's bring back the purity of the internet. We all need you. The internet needs you. God will guide us to the right ways.

Hail, Queen, Mother of mercy, our life, our sweetness and our hope, hail.
To thee do we cry, banished children of Eve.
To thee do we send up our sighs, mourning and weeping in this valley of tears.
Turn then, our advocate, thine eyes of mercy toward us.
And after this our exile, show unto us Jesus, the blessed fruit of thy womb.
O clement, O loving, O sweet Virgin Mary.
Pray for us, O holy Mother of God.
That we may be made worthy of the promises of Christ.

MalwareMustDie, Non-Profit Organization (NPO)
malwaremustdie.org (c)MalwareMustDie, 2012-2016