Move over, Wannacry: BabaYaga, the competitive malware that destroys malware
BabaYaga and the Rise of Malware
BabaYaga checks target files for existing malware and, if they contain
malware, replaces the infected files with uninfected versions.
Furthermore, BabaYaga searches for files named “index.html,”
“index.htm,” or “index.asp” containing the text “hacked.” If BabaYaga
finds any of these, it will delete them. The reason for deleting such
files is that they are usually defacement pages which will reveal the
presence of BabaYaga.
Thus, by spreading itself, the competing malware will spread the new version
of BabaYaga. It is worth mentioning that even some biological viruses
can affect other viruses. For example, researchers at the University of
the Mediterranean discovered a virus named Sputnik that infects another
type of virus called Mamavirus.
A particularly interesting read. Malware that, essentially, kills other malware or "absorbs" them to learn their behaviors. Really scary shit, actually.
is someone going to create malware that targets BabaYaga and then reinstalls the malware that was on the system before?
It even has the ability to update or reinstall WordPress.
It is worth reminding that the purpose of BabaYaga is to show spam on infected websites.
So the effective difference is that it updates WordPress?
I already trust it more than the average web developer, honestly.
Thank you Mr. Wick
I wouldn't call this malware good or anything, it still partakes in sending spam. This virus, if anything, can be considered more brutal because it removes other malware before making itself at home.
It be your own niggas malware
Yeah but it's more like, if you had to kill a herd of lions and a dude with a gun, you'd let the dude kill the lions before you killed him.
So all they need to do is remove all the malevolent code and voila, we have a brand new antivirus company.
This isn't really a new concept. Malware is often great at removing other malware. Most malware has had botkillers for a long time. The issue here is that there's a 100% chance that BabaYaga has some vulnerability in it that opens the door to other malware to abuse its presence.
To illustrate, while BabaYaga merely eliminates certain malware from the
infected computers, a future version of BabaYaga may inject itself in
competing malware and neutralize its impact on the infected system
without affecting the propagation capacity of the competing malware.
Thus, by spreading itself, the competing malware will spread the new
version of BabaYaga. It is worth mentioning that even some biological
viruses can affect other viruses. For example, researchers at the
University of the Mediterranean discovered a virus named Sputnik that
infects another type of virus called Mamavirus.
The part about taking other viruses over and using their spreading capabilities is purely a hypothetical.
(It's not a terrible idea, actually, but not really useful if you do have access to a C&C server anyway.
Programming these things in manually from samples is probably easier even in the relatively long run right now.)
Finally, Russian studies class has finally paid off. I remembered what BabaYaga was!
we Uplink now
it's 20XX
inside your computer a malware war rages
Will it make my monitor grow chicken legs?
I always wanted to see if anyone would ever do a "malware" like this; essentially an inverse virus that spreads itself to machines and cleans them of other garbage. Basically forcing susceptible people to have an antivirus.
if the executable isn't a mortar & pestle, so help me god.
Stuff like that used to be pretty common back when it took ages for 0day exploits to get patched. People would write worms that upon infecting the target machine would apply a hacky patch for whatever the flaw was and self destruct.
Usually they ended up causing more problems due to incompatibility between the unofficial patch and whatever official update got pushed out along the line.
A weapon to surpass Metal Gear.
And so it begins the MALAWARS.
nah, it will fly around in a mortar
imagine if you perform a check on why your computer has been running slow and it turns out 37 malwares are warring against each other on your computer.