
Top 4 Malware Fails

Even though malware, ransomware, and other types of malicious software continue to pose a significant threat to consumers and enterprises worldwide, not all of these “projects” are successful. In most cases, this is due to sloppy work by the developers who aim to wreak havoc with their malicious code. In fact, most of these issues revolve around a lackluster understanding of cryptography.

#4 Voodoo Programming

Do not be mistaken in thinking this is a digital way to hex someone or put a curse on them. Voodoo programming is a term used to illustrate a troublesome misunderstanding of cryptographic technology. One such example is the Zeus malware, which used a badly-coded command and control communication method. Even though command and control communication is still present in most forms of malware, things have significantly improved over time.

For the Zeus malware, its developers used the RC4 stream cipher as a base and decided to improve upon it. By XORing each byte with the next to produce the final ciphertext, the developers thought they were doing the right thing. Unfortunately for them, this did nothing to improve traffic security. While this had no negative consequences, it illustrated a lack of understanding of RC4.

#3 Malware Improvisation Is A Bad Idea

Malware developers are always trying to showcase their skills and one-up their competitors. Solving programming issues by improvising can lead to great results, but it can also backfire. The late Nuclear Exploit Kit fell victim to badly executed improvisation by its developers. Using the Diffie-Hellman Key Exchange to encrypt information was a good idea, yet setting the secret key to “0” resulted in not having effective encryption whatsoever.
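The zero-exponent failure described above, worked through as an added Python example (not code from the article or from the exploit kit). The modulus, generator and function names are assumptions chosen for illustration; the range check is the standard defence of rejecting degenerate public values.

```python
"""Added illustration: why a Diffie-Hellman private exponent of 0 yields no secrecy."""
import secrets

# Toy group (assumption for illustration): the Mersenne prime 2**127 - 1 with
# generator 3. Far too small for real use; chosen only to keep the constant short.
P = 2**127 - 1
G = 3


def new_private() -> int:
    """Draw a private exponent uniformly from [2, P - 2]."""
    return 2 + secrets.randbelow(P - 3)


def public_value(private: int) -> int:
    """Public value sent to the peer: G**private mod P."""
    return pow(G, private, P)


def shared_secret(peer_public: int, private: int) -> int:
    """Secret each side derives: peer_public**private mod P."""
    return pow(peer_public, private, P)


def validate_public(y: int) -> int:
    """Reject degenerate peer values (0, 1, P - 1 and anything out of range)."""
    if not 2 <= y <= P - 2:
        raise ValueError(f"degenerate Diffie-Hellman public value: {y}")
    return y


if __name__ == "__main__":
    a, b = new_private(), new_private()
    # Healthy exchange: both sides agree on a value an observer cannot compute.
    assert shared_secret(public_value(b), a) == shared_secret(public_value(a), b)

    # Broken exchange: one side fixes its private exponent to 0.
    weak_public = public_value(0)               # G**0 == 1 goes over the wire
    print("weak side derives:", shared_secret(public_value(b), 0))   # always 1
    print("peer derives:     ", shared_secret(weak_public, b))       # always 1

    # A peer that validates what it receives refuses the exchange outright.
    try:
        validate_public(weak_public)
    except ValueError as err:
        print("rejected:", err)
```

Because the derived value is the constant 1 regardless of the peer's key, any cipher keyed from it provides no confidentiality against a passive observer.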


#2 Malware Is Not A Poker Game Bluff

Some types of malware show a great deal of bark, yet come with little bite.

Nemucod, a well-known Trojan, made some headlines because it could transform into ransomware. However, the toolkit lied to its victims by stating the files were encrypted with RSA-1024. A rather odd statement from a type of malware that was incapable of encrypting files at the time.

Moreover, Nemucod did nothing more than alter file extensions, rather than holding them hostage in exchange for a Bitcoin payment. On the few occasions files got locked, they were not encrypted with RSA-1024 either. Instead, the developers used a simple rotation XOR cipher. To the average computer user, it is impossible to tell the difference. Security researchers, however, quickly cracked Nemucod and eliminated the threat.

#1 Copy And Paste Is Sloppy

Although many people expect great things from malware developers, some of these criminals are lazy. Using code found online can provide valuable insights as to how the malware should behave. Copying and pasting this code into a new malware toolkit is sheer laziness.

CryptoDefense is a prime example of this behavior, as it was a near 1:1 clone of CryptoLocker. One major difference was the implementation of the low-level cryptographic API offered by Windows OS. Unfortunately, the developers nearly copied this code piece by piece, rendering the ransomware ineffective. After all, any victim could decrypt their files without paying any money.


JP Buntinx