Categories: Cybersecurity

This Service Helps Malware Authors Fix Flaws in their Code

Almost daily now there is news about flaws in commercial software that lead to computers getting hacked and seeded with malware. But the reality is most malicious software also has its share of security holes that open the door for security researchers or ne’er-do-wells to liberate or else seize control over already-hacked systems. Here’s a look at one long-lived malware vulnerability testing service that is used and run by some of the Dark Web’s top cybercriminals.

It is not uncommon for crooks who sell malware-as-a-service offerings such as trojan horse programs and botnet control panels to include backdoors in their products that let them surreptitiously monitor the operations of their customers and siphon data stolen from victims. More commonly, however, the people writing malware simply make coding mistakes that render their creations vulnerable to compromise.

At the same time, security companies are constantly scouring malware code for vulnerabilities that might allow them peer to inside the operations of crime networks, or to wrest control over those operations from the bad guys. There aren’t a lot of public examples of this anti-malware activity, in part because it wades into legally murky waters. More importantly, talking publicly about these flaws tends to be the fastest way to get malware authors to fix any vulnerabilities in their code.

Source : https://krebsonsecurity.com/2020/05/this-service-helps-malware-authors-fix-flaws-in-their-code/?mid=1#cid=968846

Veille-cyber

Share
Published by
Veille-cyber

Recent Posts

VPN : un outil indispensable pour protéger vos données

VPN : un outil indispensable pour protéger vos données Le VPN, ou « Virtual Private…

9 heures ago

Cybersécurité et PME : les risques à ne pas sous-estimer

Cybersécurité et PME : les risques à ne pas sous-estimer On pense souvent que seules…

2 jours ago

Phishing : comment reconnaître une attaque et s’en protéger efficacement

Comment reconnaître une attaque de phishing et s’en protéger Le phishing ou « hameçonnage »…

5 jours ago

Qu’est-ce que la cybersécurité ? Définition, enjeux et bonnes pratiques en 2025

Qu’est-ce que la cybersécurité ? Définition, enjeux et bonnes pratiques en 2025 La cybersécurité est…

5 jours ago

Cybersécurité : Vers une montée en compétence des établissements de santé grâce aux exercices de crise

Cybersécurité : les établissements de santé renforcent leur défense grâce aux exercices de crise Face…

1 semaine ago

L’IA : opportunité ou menace ? Les DSI de la finance s’interrogent

L'IA : opportunité ou menace ? Les DSI de la finance s'interrogent Alors que l'intelligence…

2 semaines ago

This website uses cookies.