Comments on: The Malware Challenge

By: Apneet Jolly

Apneet Jolly — Sat, 10 Jan 2009 09:23:00 +0000

Oh yeah – there was no need to use ollydbg to unpack the malware, it was packed with UPX (+a bit of trivial hex editing).

See my submission entry at http://www.malwarechallenge.info/results/jolly.pdf
for more details.

By: Apneet Jolly

Apneet Jolly — Sat, 10 Jan 2009 09:21:05 +0000

The challenge is over, so feel free to post the link to the source code. I’m curious if you found a link other than the one I found.

(My challenge submission references included a link to similar source code I had found).

Overall, I felt this challenge was fairly easy, but I’m looking forward to participating in it again next year!

By: youngzuse

youngzuse — Thu, 08 Jan 2009 03:58:13 +0000

my wireless hack website is

http://www.wepwpahacker.blogspot.com

By: youngzuse

youngzuse — Thu, 08 Jan 2009 03:57:30 +0000

lol

By: spk

spk — Wed, 07 Jan 2009 20:28:43 +0000

@yougzuse: too young’un ;)

By: youngzuse

youngzuse — Tue, 06 Jan 2009 08:58:26 +0000

hey all i have msn admin rights and i am able unlock any @msn @hotmail @live address i currently charge 25.00 per account recovery i accept paypal only to this address youngzuse@live.ca once i have received the funds in full with in 24 hours i will send you the new password just to show i am not a scammer and i am the real deal heres a screenshot
of my admin tool

http://i550.photobucket.com/albums/ii409/youngzuse/untitled.jpg

By: greg

greg — Mon, 05 Jan 2009 22:28:16 +0000

@jon

You are right, they need to be locked up. There is very little (if any) deterrence against the criminal behavior right now. :(

nick h has a point: without malware we’d likely slip into complacency. We don’t need to worry about it going away however: just like the physical world – where there is money there is crime.

By: Dude

Dude — Mon, 05 Jan 2009 06:53:13 +0000

Ollydbg comes will a free trojan in the tutorials.

By: Descention

Descention — Mon, 05 Jan 2009 01:12:19 +0000

I agree with nick h, if we didn’t have any security vulnerabilities then when one arises, we would have no way to defend against it, no basis.

But at the same time, I do agree with jon and think these people should not roam freely about the net.

By: steve

steve — Sun, 04 Jan 2009 22:51:23 +0000

I’m so glad I dont have to deal with all that malware crap! you guys have fun now.

By: Nick H

Nick H — Sun, 04 Jan 2009 22:19:16 +0000

@jon:

The internet without malware would be like your immune system without any environmental antigens. It’s a terribly bad idea.

good security depends on a feedback loop between attacks and improvements. you need both to evolve.

By: Ajan

Ajan — Sun, 04 Jan 2009 20:05:00 +0000

Hey, those are interesting tools.
I never used tools myself. But I removed the orkut worm and the drive guard worm myself..hey, m a rookie..wat do u expect me to do?? get some more crazy stuff off the net?? hehehe!
Love this site!

By: Jon Williams

Jon Williams — Sun, 04 Jan 2009 16:10:51 +0000

Malware authors should be imprisoned (I’d be okay with water-boarding them, too). How many billions of dollars of productivity are lost world-wide each year because of these jokers?

By: Descention

Descention — Sun, 04 Jan 2009 03:13:05 +0000

I may have found a page containing the crxbot’s source code. Not sure if I’m allowed to link files here, so I’ll put up a link on my own site (which is under construction).

By: TJHooker

TJHooker — Sun, 04 Jan 2009 03:10:19 +0000

Once you know the structure of PE or ELF it’s pretty easy to unpack one, unless it’s some VM mutating packer with dynamic crypto like some commercial solution have now.