MalwareMustDie (MMD), NPO is a white hat hacking research workgroup that was launched in August 2012. MalwareMustDie is a registered nonprofit organization that serves as a medium for IT professionals and security researchers who have gathered to form a workflow for reducing malware infection on the internet. The group is known for its malware analysis blog and maintains a list of the Linux malware research and botnet analyses it has completed. The team communicates information about malware in general and advocates for better detection of Linux malware.
MalwareMustDie is also known for its original analysis of newly emerged malware and botnets, for sharing the malware source code it finds with law enforcement and the security industry, for operations to dismantle malicious infrastructure, for technical analysis of specific malware families' infection methods, and for reports on emerging cybercrime toolkits.
Several notable internet threats that were first discovered and announced by MalwareMustDie are:
*Prison Locker (ransomware)
*Mayhem (Linux botnet)
*Kelihos botnet v2
*ZeusVM
*Darkleech botnet analysis
*KINS (Crime Toolkit)
*Cookie Bomb (malicious PHP traffic redirection)
*Mirai
*LuaBot
*NyaDrop
*NewAidra or IRCTelnet
*Torlus (aka Gafgyt/Lizkebab/Bashdoor/Qbot/BASHLITE)
*LightAidra
*PNScan
*STD Bot
*Kaiten botnets (Linux DDoS or malicious proxy botnet)
*ChinaZ (China DDoS Trojan)
*Xor DDoS (China DDoS Trojan)
*IpTablesx (China DDoS Trojan)
*DDoSTF (China DDoS Trojan)
*DESDownloader (China DDoS Trojan)
*Cayosin DDoS botnet
*DDoSMan (China DDoS Trojan)
*AirDropBot DDoS botnet
*Mirai FBot DDoS botnet
*Kaiji IoT DDoS/bruter botnet
MalwareMustDie has also been active in analyzing client-side vulnerabilities used as attack vectors. For example, their work on Adobe Flash (the LadyBoyle SWF exploit) and on other undisclosed Adobe vulnerabilities in 2014 received Security Acknowledgments for Independent Security Researchers from Adobe. Another vulnerability researched by the team was the reverse engineering of a proof of concept for a backdoor case () in one brand of Android phone, which was later found to affect 2 billion devices.
Recent activity of the team can still be seen in several noted threat disclosures, for example the "FHAPPI" state-sponsored malware attack, the discovery of the first malware targeting the ARC processor architecture, and the "Strudel" threat analysis (a credential-stealing scheme). The team continues to post new Linux malware research on Twitter and on its subreddit.
MalwareMustDie compares its mission to the Crusades, emphasizing the importance of fighting online threats out of a sense of moral duty. Many people have joined the group because they want to help the community by contributing to this effort.
External links
* Official website: https://www.malwaremustdie.org/