How malware works
- Author Shahriar Galib
- Published May 29, 2023
- Word count 682
Hacking is one of the most enjoyable and mysterious tech fields in the world. There are tons of different sides of hacking that you can choose as your career, but among all of them my favourite is the Red Teaming sector, where a hacker aggressively and offensively attacks a system (with permission) and breaks into it to show that system's vulnerabilities to the Blue Team.
Malware development is one of the most important skills a red teamer needs to have. If you don't know how to code malware, you will not know how it can attack your organization or your client's.
Malware is nothing but a program or piece of software that runs on a system and takes full control of it. Malware can steal your files, encrypt them, fetch important credentials, spy through your camera and do a bunch of other dangerous things. To program malware you first need to fix the target platform. The target platform is essentially the OS your victim runs: it can be a Windows system, an Android device or even iOS.
For hacking into a Windows PC you can code your malware in C, C++, Python, Assembly and many other languages; I have only mentioned the widely used ones. Choosing a programming language for malware development may seem like a headache, but it is not the thing you should worry about. What you need to focus on is whether your malware is FUD (Fully Undetectable) or not. That said, if you are going for a Windows victim I would recommend C or Assembly; for Android, better go with Java or C++.
Now let's get into the real discussion: how malware works.
A malware program consists of some really interesting abilities:
1. Building a connection: a malicious program that infects the victim system must build a connection back to the attacker's PC. This is typically a reverse TCP connection, and it can be done with sockets, SignalR and similar libraries.
2. Being stealthy: malware needs to run on the victim system in such a way that the victim does not notice that a malicious program is running. It can execute its process in the background, which lets it do its work silently. There are libraries in C that help with coding stealthy malware.
3. Feature functions: malware has a bunch of user-defined functions in which the hacker writes the code that returns specific malicious results to the hacker. For example, I have written a function in the client file that copies the bytes of an image on the victim system and sends them to the server that the hacker controls. A hacker will write tons of other functions that perform various malicious activities.
4. Obfuscation: after coding the malware, the hacker needs to do the most important thing, for which there is no alternative: obfuscation. Obfuscation makes the virus so unfamiliar to anti-virus products that they cannot detect it and flag it as a virus. For that purpose we can do things like packing, encrypting, hex editing or writing the code in such a way that it cannot be read by a human or an anti-virus. As an example, the function that fetches credentials from the system may contain code that works with file paths of the system. There we can write those paths in a very abnormal way. Instead of "C:\Users\Public\creds.txt" we can write:
```python
import platform

wallpaper = chr(67)   # "C"
life = ":"
design = "Pub"

def riv():
    # Path separator; this helper only resolves on Windows
    if platform.system() == "Windows":
        return "\\"

asset = wallpaper + life + riv() + "Users" + riv() + design + "lic" + riv() + "creds" + ".txt"
print(asset)
```
The above Python code prints exactly "C:\Users\Public\creds.txt". We just made it much harder for AV solutions to read.
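The concatenation trick above folds away under simple static analysis. What follows is an added example, not part of the original article: a small constant-folder built on Python's `ast` module that a defender can run over a suspicious script to recover the hidden path. Its input is the article's snippet (with the backslash literal fixed), and the names fold_strings, literal_return and fold are my own.

```python
# Added example, not from the original article: a static deobfuscator a defender
# can point at Python source. It constant-folds chr() calls, string concatenation
# and helpers that only return a literal, so a path assembled piece by piece
# (like the article's "asset") reappears as one plain string a scanner can match.
import ast
def fold_strings(source: str) -> dict:
    """Map each top-level variable to the string it folds to, where possible."""
    tree = ast.parse(source)
    consts, funcs = {}, {}  # folded variables / helpers that return a literal
    def literal_return(fn):  # riv() counts if its only return is a constant
        for node in ast.walk(fn):
            if isinstance(node, ast.Return) and isinstance(node.value, ast.Constant):
                return node.value.value
        return None
    def fold(node):
        if isinstance(node, ast.Constant) and isinstance(node.value, str):
            return node.value
        if isinstance(node, ast.Name):
            return consts.get(node.id)
        if isinstance(node, ast.BinOp) and isinstance(node.op, ast.Add):
            left, right = fold(node.left), fold(node.right)
            return None if left is None or right is None else left + right
        if isinstance(node, ast.Call) and isinstance(node.func, ast.Name):
            args = node.args
            if node.func.id == "chr" and len(args) == 1 and \
                    isinstance(args[0], ast.Constant) and isinstance(args[0].value, int):
                return chr(args[0].value)
            return funcs.get(node.func.id)
        return None  # anything else stays unknown rather than guessed
    for stmt in tree.body:
        if isinstance(stmt, ast.FunctionDef):
            value = literal_return(stmt)
            if isinstance(value, str):
                funcs[stmt.name] = value
        elif isinstance(stmt, ast.Assign) and len(stmt.targets) == 1 and \
                isinstance(stmt.targets[0], ast.Name):
            value = fold(stmt.value)
            if value is not None:
                consts[stmt.targets[0].id] = value
    return consts
# Constructed input: the article's snippet, with its backslash literal fixed
SAMPLE = r'''import platform
wallpaper = chr(67)
life = ":"
design = "Pub"
def riv():
    if platform.system() == "Windows":
        return "\\"
asset = wallpaper+life+riv()+"Users"+riv()+design+"lic"+riv()+"creds"+".txt"
'''
```

Real scanners and sandboxes go further than this (emulating the code or inspecting the string once it is built at runtime), which is why this kind of obfuscation does little against them.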
These are the steps of how malware works. Obviously a real malware structure is far more complex than this article describes, but these are the fundamental parts malware contains.
Hello, my name is Shahriar Galib. I am a Cyber Security Specialist and a trainer from Bangladesh.
I have been learning and researching various security threats and attacks for almost 6 years.
Article source: https://articlebiz.com