
Top 4 Malware Fails

Even though malware, ransomware, and other types of malicious software continue to pose a significant threat to consumers and enterprises worldwide, not all of these “projects” are successful. In most cases, this is due to sloppy work by the developers who aim to wreak havoc with their malicious code. In fact, most of these issues revolve around a lackluster understanding of cryptography.

#4 Voodoo Programming

Do not be mistaken in thinking this is a digital way to hex someone or put a curse on them. Voodoo programming is a term used to illustrate a troublesome misunderstanding of cryptographic technology. One such example is the Zeus malware, which used a badly-coded command and control communication method. Even though command and control communication is still present in most forms of malware, things have significantly improved over time.

For the Zeus malware, its developers used the RC4 stream cipher as a base and decided to improve upon it. By XORing each byte with the next to produce the final ciphertext, the developers thought they were doing the right thing. Unfortunately for them, this did nothing to improve traffic security. While this had no negative consequences, it illustrated a lack of understanding of RC4.
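Why the extra step adds nothing, as an added example (not code from Zeus or from this article): the chaining layer uses no secret, so it can be stripped without the key. The layer's direction and last-byte handling are assumptions, and the key and message are constructed.

```python
def rc4(key: bytes, data: bytes) -> bytes:
    """Standard RC4: key scheduling, then XOR the data with the keystream."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) % 256
        s[i], s[j] = s[j], s[i]
    out = bytearray()
    i = j = 0
    for byte in data:
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        out.append(byte ^ s[(s[i] + s[j]) % 256])
    return bytes(out)


def chain_xor(buf: bytes) -> bytes:
    """Assumed extra layer: XOR each byte with the next; last byte unchanged."""
    out = bytearray(buf)
    for i in range(len(buf) - 1):
        out[i] = buf[i] ^ buf[i + 1]
    return bytes(out)


def undo_chain_xor(buf: bytes) -> bytes:
    """Invert the layer with no key, walking back from the untouched last byte."""
    out = bytearray(buf)
    for i in range(len(buf) - 2, -1, -1):
        out[i] = buf[i] ^ out[i + 1]
    return bytes(out)


KEY = b"constructed-demo-key"               # constructed sample key
MESSAGE = b"constructed sample C2 message"  # constructed sample plaintext


def demo():
    """Return (layer stripped without key, RC4 alone still decrypts)."""
    inner = rc4(KEY, MESSAGE)          # what plain RC4 would send
    wire = chain_xor(inner)            # what the "improved" scheme sends
    stripped = undo_chain_xor(wire)    # an observer needs no secret for this
    return stripped == inner, rc4(KEY, stripped) == MESSAGE


if __name__ == "__main__":
    print(demo())
```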

#3 Malware Improvisation Is A Bad Idea

Malware developers are always trying to showcase their skills and one-up their competitors. Solving programming issues by improvising can lead to great results, but it can also backfire. The late Nuclear Exploit Kit fell victim to badly executed improvisation by its developers. Using the Diffie-Hellman Key Exchange to encrypt information was a good idea, yet setting the secret key to “0” resulted in no effective encryption whatsoever.
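The effect of a zero secret key, as an added example (not code from the exploit kit or from this article): the public value becomes 1 and both sides derive the constant 1, which a peer can catch by validating the public value it receives. The modulus, generator and private keys are constructed toy values.

```python
P = 2**127 - 1   # Mersenne prime used as a toy modulus (constructed, demo only)
G = 3            # toy generator (constructed)


def public_value(private: int) -> int:
    """Value a party sends to its peer: G^private mod P."""
    return pow(G, private, P)


def shared_secret(peer_public: int, private: int) -> int:
    """Key a party derives from the peer's public value and its own secret."""
    return pow(peer_public, private, P)


def acceptable_public(value: int) -> bool:
    """Defensive check: reject 0, 1 and P-1, which force a trivial shared key."""
    return 1 < value < P - 1


def exchange(priv_a: int, priv_b: int):
    """Run both sides; return (key at A, key at B, whether A's public passes)."""
    pub_a, pub_b = public_value(priv_a), public_value(priv_b)
    key_a = shared_secret(pub_b, priv_a)
    key_b = shared_secret(pub_a, priv_b)
    return key_a, key_b, acceptable_public(pub_a)


PEER_PRIVATE = 0x1D2C3B4A5968778695A4B3C2D1E0F   # constructed sample secret
HONEST_PRIVATE = 65537                           # constructed sample secret

if __name__ == "__main__":
    # Secret key 0: G^0 = 1 is sent, and both derived keys are 1.
    print(exchange(0, PEER_PRIVATE))
    # Non-zero secret: the keys still match, and the public value passes the check.
    key_a, key_b, ok = exchange(HONEST_PRIVATE, PEER_PRIVATE)
    print(key_a == key_b, ok)
```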




#2 Malware Is Not A Poker Game Bluff

Some types of malware show a great deal of bark, yet come with little bite.

Nemucod, a well-known Trojan, made some headlines because it could transform into ransomware. However, the toolkit lied to its victims by stating the files were encrypted with RSA-1024. A rather odd statement from a type of malware that was incapable of encrypting files at the time.

Moreover, Nemucod did nothing more than alter file extensions, rather than holding them hostage in exchange for a Bitcoin payment. On the few occasions files got locked, they were not encrypted with RSA-1024 either. Instead, the developers used a simple rotation XOR cipher. To the average computer user, it is impossible to tell the difference. Security researchers, however, quickly cracked Nemucod and eliminated the threat.
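Why a rotating XOR cipher falls so quickly, as an added example (not Nemucod's code and not any published decryptor): one file whose original contents are known reveals the key, which then unlocks every other file. The cipher is assumed to be repeating-key XOR; the key and file contents are constructed.

```python
def xor_rotate(data: bytes, key: bytes) -> bytes:
    """Assumed scheme: XOR each byte with the key, cycling through the key."""
    return bytes(b ^ key[i % len(key)] for i, b in enumerate(data))


def recover_key(known_plain: bytes, locked: bytes) -> bytes:
    """Recover the key from one file available in both original and locked form.

    plaintext XOR ciphertext is the key repeated, so the shortest period of
    that stream is the key. If the sample is shorter than the key, only the
    covered part of the key is returned.
    """
    stream = bytes(p ^ c for p, c in zip(known_plain, locked))
    for n in range(1, len(stream) + 1):
        if all(stream[i] == stream[i % n] for i in range(len(stream))):
            return stream[:n]
    return stream  # only reached for an empty sample


# Constructed demo data: a key the "attacker" chose and two victim files.
DEMO_KEY = b"constructed-key"
BACKUP_COPY = b"%PDF-1.4 constructed sample document with known contents ..."
OTHER_FILE = b"quarterly figures: constructed sample data, no backup exists"


def demo() -> bytes:
    """Recover the key from the backed-up file, then unlock the other file."""
    locked_known = xor_rotate(BACKUP_COPY, DEMO_KEY)
    locked_other = xor_rotate(OTHER_FILE, DEMO_KEY)
    key = recover_key(BACKUP_COPY, locked_known)
    return xor_rotate(locked_other, key)   # XOR is its own inverse


if __name__ == "__main__":
    print(demo())
```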

#1 Copy And Paste Is Sloppy

Although many people expect great things from malware developers, some of these criminals are lazy. Using code found online can provide valuable insights as to how the malware should behave. Copying and pasting this code into a new malware toolkit is sheer laziness.

CryptoDefense is a prime example of this behavior, as it was a near 1:1 clone of CryptoLocker. One major difference was the implementation of the low-level cryptographic API offered by Windows OS. Unfortunately, the developers nearly copied this code piece by piece, rendering the ransomware ineffective. After all, any victim could decrypt their files without paying any money.


JP Buntinx

JP Buntinx is a FinTech and Bitcoin enthusiast living in Belgium. His passion for finance and technology made him one of the world's leading freelance Bitcoin writers, and he aims to achieve the same level of respect in the FinTech sector.
