Thursday, August 09, 2007

defcon | 0x0F0002

Thomas Holt had a great session on "The market for malware". Thomas has been helping law enforcement with his research into this community/culture and shared some of his findings. In the past there have been talks about the Russian hacker scene. This one was a much more detailed talk on the entire vertical and underground economy that fuels all sorts of badware. He detailed various roles, rules and functions, from the coder teams, the sales agent/promoter, to the seller, to the user (badguy) to the victim. He detailed how data was sold and how the community has its own norms and expectations. The work he has done

It starts in a public forum: individuals can post code to the forum moderator, who will test the code, and the moderator then writes back whether the software works. If it works as advertised, people start buying it and posting their own reviews. Then they can get discounts and all sorts of perks.
It reminds me of the (old?) IRC channels or the (definitely old) BBS systems where you get credits for uploading that you can use for downloading.

The bad guys treat the best customers very very well. There was an advertisement for customers for a party at a castle with free Sony VAIOs, and the very top buyers and referrers got class C Mercedes.

"The Secrets of Malware": Valsmith and Delchi (cDc/NSF) are both from offensivesecurity. Very cool site that takes malware samples from anyone, posts them in the forums, analyzes them and posts the analysis. So they talked about some trending data from questions they have been asking... like what type of packers are used the most (upx/pecompact/aspack/fsg/pepack). Or what type of compilers, in order of prevalence (ms vc++, msvb, borland delphi). Then some more out-of-the-box type questions came up... like what type of packers are the least frequently used (private-exe 1%, codesafe 1%, soft-defender 1%).

Delchi mentioned his goal is to have the initial analysis done and posted within 5 minutes of a malware sample upload. Seemed kind of ambitious, but he stepped through some of his process and the perl code he is using to drive the time to analysis down.
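To show what the first minutes of that kind of automated triage can look like, here is an added example (mine, written in Python; it is not Delchi's perl code and not anything from the site described above). It hashes a sample, walks the PE section table, flags section names left behind by a few of the packers the talk ranked (UPX, ASPack, PECompact), and uses Shannon entropy as a "probably packed or encrypted" heuristic. The section-name table and the 7.0 bits-per-byte entropy threshold are my own assumptions for illustration, and the two samples it runs on are constructed in the script, not real malware.

```python
import hashlib
import math
import struct
from collections import Counter

# Constructed lookup table for this example: PE section names commonly left
# behind by a few of the packers ranked in the talk (UPX, ASPack, PECompact).
# A match is a hint for the analyst, not proof of a particular packer.
PACKER_SECTION_HINTS = {
    b"UPX0": "upx", b"UPX1": "upx", b"UPX2": "upx",
    b".aspack": "aspack", b".adata": "aspack",
    b"pec1": "pecompact", b"pec2": "pecompact", b"PEC2": "pecompact",
}

# Entropy (bits per byte) at or above this is treated as "probably packed or
# encrypted"; 7.0 is an assumed rule-of-thumb threshold, not a hard rule.
HIGH_ENTROPY = 7.0


def shannon_entropy(data: bytes) -> float:
    """Bits of entropy per byte: 0.0 for empty or constant input, at most 8.0."""
    if not data:
        return 0.0
    total = len(data)
    return -sum((c / total) * math.log2(c / total) for c in Counter(data).values())


def pe_section_names(data: bytes) -> list:
    """Return the section names from a PE file's section table ([] if not a PE)."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return []
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        return []
    coff = e_lfanew + 4                                   # IMAGE_FILE_HEADER
    (num_sections,) = struct.unpack_from("<H", data, coff + 2)
    (opt_size,) = struct.unpack_from("<H", data, coff + 16)
    table = coff + 20 + opt_size                          # first IMAGE_SECTION_HEADER
    names = []
    for i in range(num_sections):
        off = table + i * 40
        if off + 40 > len(data):
            break                                         # truncated table
        names.append(data[off:off + 8].rstrip(b"\0"))
    return names


def triage(data: bytes) -> dict:
    """Initial static triage: hashes, section names, packer hint, entropy flag."""
    sections = pe_section_names(data)
    packer = next((PACKER_SECTION_HINTS[n] for n in sections
                   if n in PACKER_SECTION_HINTS), None)
    entropy = shannon_entropy(data)
    return {
        "sha256": hashlib.sha256(data).hexdigest(),
        "size": len(data),
        "sections": [n.decode("latin-1") for n in sections],
        "packer_hint": packer,
        "entropy": round(entropy, 3),
        "high_entropy": entropy >= HIGH_ENTROPY,
    }


def build_fake_pe(section_names, payload: bytes) -> bytes:
    """Construct a minimal, non-executable PE-shaped blob for exercising triage().
    Only the fields pe_section_names() reads are populated."""
    dos = bytearray(b"MZ" + b"\0" * 62)
    struct.pack_into("<I", dos, 0x3C, 0x40)               # e_lfanew -> PE header at 0x40
    # Machine, NumberOfSections, TimeDateStamp, PointerToSymbolTable,
    # NumberOfSymbols, SizeOfOptionalHeader (0 here), Characteristics
    coff = struct.pack("<HHIIIHH", 0x14C, len(section_names), 0, 0, 0, 0, 0)
    table = b"".join(n.ljust(8, b"\0") + b"\0" * 32 for n in section_names)
    return bytes(dos) + b"PE\0\0" + coff + table + payload


# Constructed samples: a UPX-style section layout over a high-entropy body
# (deterministic pseudo-random bytes), and a plain layout over a constant body.
PACKED_SAMPLE = build_fake_pe(
    [b"UPX0", b"UPX1", b".rsrc"],
    b"".join(hashlib.sha256(bytes([i])).digest() for i in range(256)),
)
PLAIN_SAMPLE = build_fake_pe([b".text", b".data"], b"A" * 4096)

if __name__ == "__main__":
    for label, blob in (("packed", PACKED_SAMPLE), ("plain", PLAIN_SAMPLE)):
        print(label, triage(blob))
```

The output of `triage()` is the kind of record that could be posted automatically as a first pass: it tells an analyst whether the sample is worth unpacking before anyone opens it, and nothing in it requires running the binary.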
