Malvuln – A Project Dedicated To Highlighting Vulnerabilities Within Malware

Dubbed Malvuln, a new project is up and running that aims at cataloging vulnerabilities in malware code thus turning the tide on the bad guys!.

About Malvuln Project

Security researcher John Page (with alias hyp3rlinx on Twitter) has created a website for logging vulnerabilities in malware.

Set up as Malvuln, the project aims at listing all sorts of bugs and vulnerabilities within malware code.

This logging will supposedly help security researchers in understanding malware weaknesses. For IT personnel, it will potentially help them in getting rid of the malware should active infection occur.

There are many websites already offering information about Malware like Hashes, IOC, Reversing etc.
However, none dedicated to research and analysis of vulnerabilities within Malware samples… until now

The project’s website presently lists 31 vulnerabilities (at the time of writing this article). Though, the list is growing quickly since first disclosed by Security Week.

The researcher came up with this idea during the COVID-19 lockdown.  He announced the launch of the project via a tweet.

As stated on the website, all the vulnerabilities presently listed there were gathered by the researcher himself.

For now, he hasn’t invited any third-party contributions.

Is It Really That Useful?

Although, the researcher clearly aims at setting up this website for educational and research purposes.

However, Greg Leah, Sr. Director, Intel & Services at HYAS Inc., a cybersecurity firm, having such a critical project publicly exposed might also do the reverse. That is, it might instead facilitate the cybercriminals in fixing the weaknesses in their malware.

As he mentioned in his response to Page’s tweet,

Moreover, Page has also clearly alerted all website users to remain careful, especially, to avoid downloading any malware samples.

Do not attempt to download Malware samples. The author of this website takes no responsibility for any kind of damages occurring from improper Malware handling or the downloading of ANY Malware mentioned on this website or elsewhere.

Perhaps, it all depends on who uses this website and for what purpose. For now, let’s see in which direction this innovative project goes.

Let us know your thoughts in the comments.

Related posts

Water Facilities Must Secure Exposed HMIs – Warns CISA

Microsoft December Patch Tuesday Arrived With 70+ Bug Fixes

NachoVPN Attack Risks Corporate VPN Clients

1 comment

Hairstyles January 20, 2021 - 2:55 am
We stumbled over here by a different web address and thought I may as well check things out. I like what I see so now i am following you. Look forward to finding out about your web page for a second time.

Comments are closed.

Add Comment