Malware analysts tell crooks to shape up and write decent code Blackhats beware: reverse engineers are laughing at your buggy advanced persistent threat (APT) malware. You've done pretty well though: your custom payloads were effective at breaking into enterprises and the damage it did was quite devastating. But many were being found and added to anti-malware signatures all too quickly …
So the code isn't elegant, is inefficient and bug-ridden. It is still effective enough in general to provide a threat sufficiently high as to pay for the likes of FireEye and these analysts to exist.
I'm not sure what value there is in publicly crowing about the miscreants' skills because, as the analysts say:
"APT authors don't care enough to take any of this advice. All the stuff they build works, so they don't tend to care."
This article only goes to prove the point of all those conspiracy theorists out there, who have said for years that the anti-virus industry was working hand-in-glove with the virus writers. So these analysts want to HELP the hackers write BETTER code? Cue the black helicopters, and, "Shut 'er down, Clancy, she's pumping mud!"
Well, one of two things will happen.
Either their prediction will be true and nothing will be done to improve the coding, which is likely. After all, don't fix it if it's working and hence, isn't broken.
Or, they'll be listened to by the APT leadership and efforts will be down for some time as the coders learn how to properly code. Then, the folks analyzing the code will be commanding even more of a premium in their pay and hence, to company profits in elevated pricing, just to compensate for the increased quality.
From my own personal experience with APT's, I suspect it'll be the former.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
