Disclaimer, guide line in sharing of research material and malicious source code


Any research material, source code, original terminology, process or security information technology published on the agreement may be the subject of Intellectual Property rights reserved by MalwareMustDie, NPO, its subsidiaries or partners, and are not licensed hereunder. Any malicious software research and codes, programs and any corrections, with its updates or new versions that may be made available by MalwareMustDie, NPO through the agreement are provided subject to the additional terms, conditions and restrictions indicated in the applicable section of the agreement.

If no additional terms are provided on such agreement, malicious software research materials and codes written by all MalwareMustDie,NPO research sites is governed by this provision.

All information provided via the agreement, including, without limitation, any MalwareMustDie, NPO or its subsidiaries' source code or service plans, original terminology, malicious software research programs, malicious software research code, offerings, or programs, statements of future directions, DISCLOSURES or other technical or marketing materials (collectively, "Information") is intended for informational purposes only and is subject to change or withdrawal by MalwareMustDie, NPO at any time without notice. MalwareMustDie, NPO assumes no responsibility for the accuracy or completeness of the Information. THE INFORMATION IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, INCLUDING (WITHOUT LIMITATION) ANY IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. MALWAREMUSTDIE, NPO, FURTHER DISCLAIMS ANY LIABILITY IN CONNECTION WITH THE SITES OR THE INFORMATION PROVIDED HEREIN. Some jurisdictions do not allow the exclusion of implied warranties, so the above exclusion may not apply to you. IN NO EVENT WILL MALWAREMUSTDIE, NPO BE LIABLE TO ANY PARTY FOR ANY DIRECT, INDIRECT, SPECIAL OR OTHER CONSEQUENTIAL DAMAGES FOR ANY USE OF THE SITES, THE INFORMATION, THE CODES, OR ON ANY OTHER HYPERLINKED MATERIALS, INCLUDING, WITHOUT LIMITATION, ANY LOST PROFITS, BUSINESS INTERRUPTION, LOSS OF PROGRAMS OR OTHER DATA ON YOUR INFORMATION HANDLING SYSTEM OR OTHERWISE, EVEN IF CA IS EXPRESSLY ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

All violation for the disclaimer and its agreement will be against World Intellectual Property Policy and International Patent Policy, to be escalated as claim to the court of law as violation of Malware MustDie, NPO property by duplication, making, using, selling, importing, or distributing a patented invention without permission.

(c)MalwareMustDie(TM),the NPO, 2012-2021.


All of the "research materials" that has been openly shared in the internet or undisclosed ones, including original research contents or terminology announced and posts in MalwareMustDie threat analysis blog (this blog or affiliate research sites linked to this blog), Google hosted sites and projects, Git repositories, Imgur dot com, Reddit posts, Pastebin dot com, Mediafire dot com shared documents and some other media sites are the subject of Intellectual Property rights reserved by MalwareMustDie, NPO, its subsidiaries or partners, and are not licensed hereunder, and the subject of the disclaimer stated in previous "Disclaimer" section.

The "research materials" mentioned above is shared only to known, trusted and close security industry and security community ONLY through our trusted vetted source of connection. And we have every right to choose which individuals or entities to share with based on out vetting result, and we will comply to law enforcement's requests to undisclosed further information that can interrupt any on-going the cyber crime imvestigation by redaction or taking down of the contents.

You may read and share, copy, quote, comment and re-publish the material with the written mention addressed to MalwareMustDie, NPO with the link to the related material or post. We have the right to confirm and assess any publicity that is not following this guide line, by legal approach accordingly. And all violation for the disclaimer and this guide line will be against World Intellectual Property Policy and International Patent Policy, to be escalated as claim of violation against the MalwareMustDie, NPO intellectual property by duplication, making, using, selling, importing, illegal copy, illegal quoting or distributing a patented invention without permission.

(c)MalwareMustDie(TM),the NPO, 2012-2021.


For security reasons we are applying limitation to the sharing of malicious source codes that we secured from bad actor's environment under the following explanation.

Basically an archive of a malcode (when still available) is shared for known, trusted and close security industry community ONLY via our colleague's trusted vetted secure communication. So if you are in AntiVirus, Malware Filtration, or Web/Proxy Attack Filtration (+IDS/IPS) industry's/entity's researchers and want to have you can send request from email address you are currently working for (noted, it will be not published). Your request will be checked and followed properly. This procedure will be applied the same way to Government Security Agencies, Law Enforcement Agencies or Incident Response / ISAC researchers.

The reason why we are limiting the shares is: security. It is not us for being "a picky" to whom we share the materials to, malware source codes are different to handle.
This area is very sensitive considering the following two points. (1) There is a possibility of an active investigation on the related case. (2) The subjects are NOT malware samples to be sharable to be learned to crack/reverse/analyze to, but these are the real malware source codes or malicious tools.. in ready to use form, shortly: the real crime/stealer/hacking tools! Owning these tools is against the law and order in many countries, and can make yourself being jailed in some countries. Some of these tools may still be actively spotted in crime operation scene in the internet. Which means: IF these bad tools leak or go to the irresponsible hands..this can be used for the VERY VERY BAD purpose and MalwareMustDie is not going to take responsibility for that risk and this disclaimer is designed to make that risk to be as minimum as possible.

In some countries that is forbidden to pass around those type of materials or tools without strict permission form law enforcement or appointed security agencies. So we apologize to researchers whose are not receiving any response. In this case, if you are persisting to have the requested materials, please contact your countries security agencies or law enforcement to give you a written reference of the research and purpose as the background of your request, to then we can re-discuss and process further.

Why did we post here and announce "the sharing" then? Because in reality there are many security legitimate entities that need to see the shared materials, the knowledge and the awareness. It is a must-share information (to be passed to the user-level), since victims must know what & how they get hit by the cyber crime actually.

In any form of sharing, we assure you, we have vetted the contacts, we have the right to record and monitor the distribution activity as detailed log to make sure unnoticed party can not access, we don't share to individual/unknown person and we will be happy to deal with legit security entity for sharing the threat information to the widest reachable audience in security community and law enforcement. Please be noted: By the time the object has been downloaded to the requester we DO NOT hold any responsibility for the misused of the materials, yet we will fully cooperative to any law enforcement request to share the download log and share record of a certain sharing event upon asked.

And again, we have to state this too: We have every right to choose which individual or entity to share with. And also we have every right to change our decision due to some security issue without announcing any notification in advance. We are NOT obligated to share any form of any of malware investigation and research we conduct by default. To share or NOT to share is the decision that our related volunteer team members involved to the case should decide in case by case basis.

In the end, we are terribly sorry if our scheme is not satisfactory to individual security researchers friends. Be free to send us comment or feedback at the below of this post with explaining your real identification or with the proof of your security research, then I am assuring you that you will be assisted upon your status is checked, either way, your information and privacy is remain save and unpublished. Further, without clear identification or by sending us a message by using email from any free any email accounts will not be followed accordingly.

This (see the below picture) is the evidence of what some bad actors in an indecent anti-security forum are actually think they can get our shared material by contacting us with faking credential of/as a security researcher:

..and because of them we must conduct strict sharing scheme.

(c)MalwareMustDie(TM),the NPO, 2012-2021.

Thank you for your understanding and support!

MalwareMustDie, Non-Profit Organization (NPO)
malwaremustdie.org (c)MalwareMustDie, 2012-2021