Exploring Malware: A Journey into Fun, Profit, and Innovation


Introduction to Malware
Welcome to my blog, where we dive into the world of malware. This post looks at why developing malware can be both enjoyable and, for some, profitable, and at how the field keeps changing as new threat actors and techniques appear.
The Joy of Malware Development
Malware development is a dynamic field and a playground for creativity. Whether you are dissecting the Windows API or digging into the Linux kernel, the computer becomes a canvas and the keyboard the brush. Enjoyment drives learning, which makes it a rewarding hobby for anyone who likes a programming challenge.
Learning Through Fun and Profit
Writing malware for fun is the best way to master it: people learn best when they are engaged, and that applies to offensive code as much as to anything else. Turning it into a profitable venture is another matter and not a beginner's game; like any craft it demands practice and a high level of programming expertise. This post sticks to the basics to get you started.
Introduction to Windows Malware
One fundamental technique is process injection, a cornerstone of malware design. The classic form has four steps:
1. Obtain a handle to the target process.
2. Allocate a buffer in the target's memory.
3. Write shellcode into that buffer.
4. Create a thread in the target that executes the injected code.
Languages such as C, or D (preferred by some; see [https://dlang.org]), are ideal for this because they call the Windows API directly. The key functions to master, with their return types, are:
OpenProcess (returns a HANDLE to the target process)
VirtualAllocEx (returns the LPVOID address of the remote buffer)
WriteProcessMemory (returns a BOOL and reports how many bytes were actually written)
CreateRemoteThreadEx (returns a HANDLE to the new thread)
Check the Win32 API documentation at [https://learn.microsoft.com/en-us/windows/win32/api/] for the exact signatures and for the process access rights each call requires. Two caveats are worth knowing from the start: allocating the remote buffer as PAGE_EXECUTE_READWRITE in one step, and starting a thread at an address that no module on disk backs, are exactly the behaviours endpoint detection products look for, so this textbook sequence is easy to spot.
Profiting from Malware
(Note: profiting from malware is illegal and not endorsed.) To generate income, malware has to be effective and hard to detect. The usual models are:
Stealers, which harvest saved credentials and sell the resulting logs of emails, usernames and passwords.
Botnets, which turn infected devices into DDoS capacity sold by the hour.
Ransomware, which is highly profitable for blackhats but requires real skill. Even novices have got in through social engineering, but it is risky and illegal.
Exotic Malware
Exotic malware is written in less common languages to slow down analysis, for example:
DLang [https://dlang.org]
Zig [https://ziglang.org]
Elixir [https://elixir-lang.org]
Nim [https://nim-lang.org]
VLang [https://vlang.io]
Analysis tooling and analyst familiarity are concentrated on C, Python and Go binaries, so the unfamiliar runtimes, calling conventions and library code these languages compile in give a reverse engineer more to sort through before reaching the interesting part. This is a speed bump rather than a wall: the Win32 calls and behaviour underneath are the same, and once a runtime is seen in the wild its own fingerprint becomes a signature. An example is HawkLoader [https://github.com/dk0m/HawkLoader], a DLang-based shellcode loader that uses a port of SysWhispers by mod-broker to issue direct system calls instead of the documented API functions, which keeps its operations off the usual hooks.
Conclusion
Malware development blends art and science, offering a unique learning curve. While fun and potentially lucrative, it demands skill and ethical consideration. Stay curious, but always prioritize legal and responsible coding practices.
Written by Charlie Avery
I am a 19-year-old, self-taught computer programmer and aspiring malware analyst. I have also taught myself penetration testing via TryHackMe and HTB. I hope to one day work in a security operations centre, protecting companies world-wide from threats.