In the last few weeks I have been really following my passion for analysing malware. I think the desire to work out how these malicious programs work comes from my early days of getting hardware to do what it wasn't meant to do. Back in the day I was involved in both the early Hackintosh scene (installing Mac OS on unsupported Windows laptops) and in iPhone jailbreaking. I'm not claiming credit for any of the coding, but I was heavily involved with both for about ten years and successfully jailbroke hundreds of iPhones and iPads in the era of the iPhone 3G to the iPhone 5. There is very clearly something in my personality that likes seeing how things work by pulling them apart and trying to make them do things they were not designed to do.
My interest in malware analysis was born out of reading about one of my heroes, Marcus Hutchins, a fellow Brit and the man who saved the internet. For those of you who don't know, Mr Hutchins is the young lad who saved the world from the WannaCry ransomware that infected hundreds of thousands of computers around the world. While reverse engineering said evil program, Marcus discovered a reference to a strange domain name hidden deep inside the code. Once WannaCry had infected a system it would ping this domain name; if no response was received, the ransomware would continue the infection by encrypting the user's files and data. If, however, the domain was live and could be 'seen' by WannaCry, it would halt the infection. Marcus described the domain as a kill-switch. He went on to register the domain name and thus stopped WannaCry in its tracks. We don't know why the threat actor built in a kill-switch, but Marcus worked out the puzzle and quite literally saved the internet... OK, that might be slightly overkill, but you get my point. From that day I knew this was an area I had to get into. However, work and life got in the way and I headed off in other directions.
Now, at 46 years of age and actually studying cyber security with a view to working in the sector, I find malware analysis stirring my passion to find out how these programs work and, more importantly, how to stop them.
Starting with a Linux distro called REMnux, I am learning how to import, analyse and report my findings in a professional manner. I absolutely hate ransomware with a passion, so I'm aiming at malware designed to encrypt and steal data. I may decide to record my findings here, and I may even upload some videos in between my studies.