Yesterday and today I’ve noticed the author malvuln1. He has uncovered vulnerabilities for 14 malware and backdoor applications. Yes, you are correct: He has found vulnerabilities in malware and backdoors, practically with proof-of-concepts to reproduce. No need to emphasise, that’s all Windows malware we’re talking about.
There is no indication whether he contacted the respective vendors of the affected “software” prior to his full disclosure. Also missing are CVE2 reference numbers and CVSS3 Scores. But with a chuckle we just look away.
I think the biggest humiliation would be to find a way to a victim via a vulnerability in a malware, kind of superlative of a hackback4.
Looking further at the published vulnerabilities I can discover another purpose besides self-promotion and learning effect. An attribution5 is easier to make if habits or even individual developers become traceable. Malware authors too are just people in a certain context, with pre-cursors and mistakes. Particularly amusing are such habits, which at the same time also expose shortcomings in basic concepts, but still lead to the “right” results in the end of the day.
But beware! Someone could also use these characteristics to lay false leads. A nice little game with unexpected twists and turns.
Enjoy your start in the new week,