• Source: MalwareMustDie

MalwareMustDie, NPO is a whitehat security research workgroup that was launched in August 2012. MalwareMustDie is a registered nonprofit organization as a medium for IT professionals and security researchers gathered to form a work flow to reduce malware infection in the internet. The group is known for their malware analysis blog. They have a list of Linux malware research and botnet analysis that they have completed. The team communicates information about malware in general and advocates for better detection for Linux malware.
MalwareMustDie is also known for their efforts in original analysis for a new emerged malware or botnet, sharing of their found malware source code to the law enforcement and security industry, operations to dismantle several malicious infrastructure, technical analysis on specific malware's infection methods and reports for the cyber crime emerged toolkits.
Several notable internet threats that were first discovered and announced by MalwareMustDie are:

Prison Locker (ransomware)
Mayhem (Linux botnet)
Kelihos botnet v2
ZeusVM
Darkleech botnet analysis
KINS (Crime Toolkit)
Cookie Bomb (malicious PHP traffic redirection)
Mirai
LuaBot
NyaDrop
NewAidra or IRCTelnet
Torlus aka Gafgyt/Lizkebab/Bashdoor/Qbot/BASHLITE)
LightAidra
PNScan
STD Bot
Kaiten botnets (Linux DDoS or malicious proxy botnet Linux malware)
ChinaZ (China DDoS Trojan)
Xor DDoS (China DDoS Trojan)
IpTablesx (China DDoS Trojan)
DDoSTF (China DDoS Trojan)
DESDownloader (China DDoS Trojan)
Cayosin DDoS botnet
DDoSMan (China DDoS Trojan)
AirDropBot DDoS botnet
Mirai FBot DDoS botnet
Kaiji IoT DDoS/bruter botnet
MalwareMustDie has also been active in analysis for client vector threat's vulnerability. For example, Adobe Flash CVE-2013-0634 (LadyBoyle SWF exploit) and other undisclosed Adobe vulnerabilities in 2014 have received Security Acknowledgments for Independent Security Researchers from Adobe. Another vulnerability researched by the team was reverse engineering a proof of concept for a backdoor case (CVE-2016-6564) of one brand of Android phone device that was later found to affect 2 billion devices.
Recent activity of the team still can be seen in several noted threat disclosures, for example, the "FHAPPI" state-sponsored malware attack, the finding of first ARC processor malware, and "Strudel" threat analysis (credential stealing scheme). The team continues to post new Linux malware research on Twitter and their subreddit.
MalwareMustDie compares their mission to the Crusades, emphasizing the importance of fighting online threats out of a sense of moral duty. Many people have joined the group because they want to help the community by contributing to this effort.




References

Kata Kunci Pencarian:

• Topi putih
• VirusTotal
• MalwareMustDie
• Rkhunter
• Chkrootkit
• Mirai (malware)
• VirusTotal
• White hat (computer security)
• Xor DDoS
• Linux malware