_____         .__                                  _____                  __ ________  .__        
    /     \ _____  |  |__  _  _______ _______   ____   /     \  __ __  _______/  |\______ \ |__| ____  
   /  \ /  \\__  \ |  |\ \/ \/ /\__  \\_  __ \_/ __ \ /  \ /  \|  |  \/  ___/\   __\    |  \|  |/ __ \ 
  /    Y    \/ __ \|  |_\     /  / __ \|  | \/\  ___//    Y    \  |  /\___ \  |  | |    `   \  \  ___/ 
  \____|__  (____  /____/\/\_/  (____  /__|    \___  >____|__  /____//____  > |__|/_______  /__|\___  >
          \/     \/                  \/            \/        \/           \/              \/        \/ 

MalwareMustDie! :: malwaremustdie.org

[ Home ] [ Blog ] [ Tweets ] [ Codes ] [ Paste ]

[ News ] [ Video ] [ Images ] [ Malwared ] [ SendSample ]

About Us

MalwareMustDie, as a white-hat security research workgroup, launched in August 2012, is an Non Profit Organization media for security professionals and researchers gathered to form the work-flow to reduce malware infection in internet. We work to raise malware awareness by sharing general information of malware infection scheme and trend to the common users, helping security vendors and public automation malware-related scanning/decoding tools by providing in depth decode analysis to the recent malware infection frameworks, and work with legal authorities to take down malware domains, and its further threat intelligence

We aim to establish good relationships vertically with authorities, and horizontally with the fellow researchers and security entities, so that cooperation can be enlisted in dismatling domains that host malware and its infectors in internet.

Our analysis and reports can be viewed in our media i.e. our blog - in every posts we are not only sharing analysis information but sharing research materials for education in malware analysis and the samples to increase the malware detection ratio, we always upload our malware samples in Virus Total after the analysis and precaution needed is done. We also share the method we used for research in our Google Project (contains of tools, codes and tips), and we share our research drafts, guides and security awareness by using our pastebin and twitter. You can reach our other shared information from media sites by using the menu link on the top of this page.

Some of our recent achievement can be viewed in the internet news with the earlist news can be viewed in the next section, and in this link you can review the background and of why we start our workgroup.

We often use the term "crusade", which is taken from the medieval terminology, but please don't get us wrong, that is the term used for a condition when a member is in online and contributing his "rest or private" time in research of analyzing a new threat or a malicious scheme, un-related to the crusade era eventhough we like to use many images of it. The research itself is conducted by the member(s) in their free time after daily work and is not related to their professional obligation, as his contribution to our MalwareMustDie workgroup research, for the public awareness purpose.

All of research materials collected are evaluated and checked for its credibility and quality before being posted in our sites as analysis research, or passed as a report to the authority, or to be published in our mentioned publication media. We often encourage the people in the info security to interact with our security experts in malware analysis and infection handling by providing Q/A assistance via twitter. All of the research information that we share is bound to our legal disclaimer.

Reports, news and mentions during establishment period

We collected the news about us during our earliest establishment period and can be viewed as per below list.
With thank you very much to the fellow researchers, news media and friends for the kindly mention our works.

News: Die Malware Crusaders kämpfen gegen Schadsoftware. Hacker gegen Malware "Nachts nehmen wir Malware-Seiten hoch"
News (mentioned): The rise of the white hats
News: Second Version of Hlux/Kelihos Botnet Getting Smaller, MalwareMustDie disagrees with the figures..
News: Malware Must Die : Opération « Tango Down » sur des sites russes malveillants
News (mentioned): Kelihos Relying on CBL Blacklists to Evaluate New Bots
News: CookieBomb Attacks Compromise Legitimate Sites
News (mentioned/quoted): Exclusive: Ongoing malware attack targeting Apache hijacks 20,000 sites
Report: Deactivation of severe .RU malware infector domains (collaboration w/CERT-GIB friends)
Report: The shutdown of Malware Domains served by Malicious DNS
Report: Guide to decode Blackhole infected sites released
Mentioned: Octopi Managed Services: "About Malware Must Die"
Mentioned: Cisco Blog: New Fake UPS Malware Email Campaign
Mentioned: Eromang - Boeing-job.com Campaign and Adobe Flash 0days
Mentioned: Sam Bowne's CNIT 126: Practical Malware Analysis
Mentioned in Talos/VRT/Snort: The 0-day That Wasn't: Dissecting A Highly Obfuscated PDF Attack
Mentioned: Kahu Security - Clever Redirect to Impact EK
Mentioned: Contagio - Blackhole 2 exploit kit (partial pack) and ZeroAccess
Mentioned: E-Hacking News: Spam Tweets : "My aunt joined and is making 2k .."
Mentioned: 0x109 - Evading AV signatures, BHEK2 way
Mentioned: A Guide of confirming a hacked legit service by Blackhole Exploit Kit
Reference: Botnets.fr - Getting more personal and deeper into Cridex with parfeit credential stealer
Mentioned: Cyren - Analysis Drive-by-Malware ½·Eine Analyse (Eleven-securityblog.de)
Mentioned: DNS-BH Sinkhole - Big Update: 211 Serenity Exploit Kit, Malspam, Malicious Domains

And there are plenty more MalwareMudtDie workgroup's works were mentioned in the internet media and security research reports afterward.
Please search "MalwareMustDie" keyword in your favorite search engine for the "recent" news results.


If you are looking for our assitance please do not hesitate to send a direct message to our twitter account @malwaremustdie.
Or please leave comment to our research/analysis blog into a specific post you would like us to elaborate or explain.

Your contact will be followed by handler(s) accordingly. Until then..stay safe!