Dubbed Malvuln, a new project is up and running that aims to catalog vulnerabilities in malware code, thus turning the tide on the bad guys!
About Malvuln Project
Security researcher John Page (with alias hyp3rlinx on Twitter) has created a website for logging vulnerabilities in malware.
Set up as Malvuln, the project aims at listing all sorts of bugs and vulnerabilities within malware code.
This logging will supposedly help security researchers understand malware weaknesses. For IT personnel, it could help in getting rid of the malware should an active infection occur.
There are many websites already offering information about Malware like Hashes, IOC, Reversing etc.
However, none dedicated to research and analysis of vulnerabilities within Malware samples… until now
The project’s website presently lists 31 vulnerabilities (at the time of writing this article). However, the list has been growing quickly since the project was first disclosed by Security Week.
The researcher came up with this idea during the COVID-19 lockdown. He announced the launch of the project via a tweet.
Launched https://t.co/lCnVcxAMdv a week ago, all about vulnerabilities in Malware. Using the handle "malvuln"… feedback welcome.
— Hyp3rlinx (@hyp3rlinx) January 9, 2021
As stated on the website, all the vulnerabilities presently listed there were gathered by the researcher himself.
For now, he hasn’t invited any third-party contributions.
Thanks, not at the moment want to see where it goes for now… will see.
— Hyp3rlinx (@hyp3rlinx) January 10, 2021
Is It Really That Useful?
The researcher clearly aims to set up this website for educational and research purposes.
However, according to Greg Leah, Sr. Director, Intel & Services at HYAS Inc., a cybersecurity firm, having such a critical project publicly exposed might also do the reverse. That is, it might instead help cybercriminals fix the weaknesses in their malware.
As he mentioned in his response to Page’s tweet,
Great idea but I question the logic of publicly disclosing vulnerabilities in malware. Malware authors monitor security experts & twitter. By pointing out weaknesses in their encryption efforts etc we give them opportunities to improve the malware they would not otherwise have.
— Greg Leah (@powershellcode) January 11, 2021
Moreover, Page has also clearly alerted all website users to remain careful and, in particular, to avoid downloading any malware samples.
Do not attempt to download Malware samples. The author of this website takes no responsibility for any kind of damages occurring from improper Malware handling or the downloading of ANY Malware mentioned on this website or elsewhere.
Perhaps it all depends on who uses this website and for what purpose. For now, let’s see in which direction this innovative project goes.