06-01-2023, 02:26 AM
I have a cryptocurrency malware, I am making a decent amount in XMR from it from the infected computers but would like to make more. What are the best methods for spreading malware to more victims?
var unreadAlerts = '1';
How to spread malware? |
06-01-2023, 02:26 AM I have a cryptocurrency malware, I am making a decent amount in XMR from it from the infected computers but would like to make more. What are the best methods for spreading malware to more victims? 06-01-2023, 02:50 AM Some ideas off the top of my head would be: Hide it in legit software and post downloads for it or maybe in pirated games etc. Buy a ton of cheap USB sticks and load them with the virus and maybe random files so it looks like the stick is harmless and won't raise alarm then drop them around places. Pretty much you need to get people to want to install your software and I think that would be the best way to do it so they don't uninstall it or even know they have a virus. Interested to see what others come up with. “I'll just regress, because I feel I've made myself perfectly redundant.” 06-01-2023, 02:54 AM MilkSteak Wrote: Some ideas off the top of my head would be: These are good ideas. USB sticks would cost money and would have to be done in the real world which are 2 disadvantages. On the topic of pirated software I was thinking about spreading Adobe software cracks on torrents for people to download. The pirated software would work as intended but would secretly install the payload 06-01-2023, 03:21 AM True it is more risky to do the USB idea but I think it would be a good option if you knew people you wanted to target that had good computers for more hash power so its a more surgical strike option. Your idea about the adobe crack is exactly the way to go I think however as it is less risky and most people who download it will not even notice so long as the malware doesn't make the PC unusable. “I'll just regress, because I feel I've made myself perfectly redundant.” 06-10-2023, 09:36 AM The most effective way it like another reply said, hide it in legit software. This has recently been done with the "better minecraft" mod. But another way to spread it is through a botnet. Depending on how many people you have actually infected, you can take remote control of their computer and just send a shit ton of emails to their contacts with the malware inside of a jpg. (Gmail will NOT let you email an executable file such as .exe or .bat). Continue this for the new infects, you will have a fucking MASSIVE botnet to work for you. 06-10-2023, 10:38 AM (This post was last modified: 06-10-2023, 10:48 AM by ColdReloaded.) VIN7 Wrote: The most effective way it like another reply said, hide it in legit software. This has recently been done with the "better minecraft" mod. But another way to spread it is through a botnet. Depending on how many people you have actually infected, you can take remote control of their computer and just send a shit ton of emails to their contacts with the malware inside of a jpg. (Gmail will NOT let you email an executable file such as .exe or .bat). Continue this for the new infects, you will have a fucking MASSIVE botnet to work for you. Do not spam emails. This will be detected very quickly. --- You can try: - Scan for CVEs or vulnerabilites using PoC scripts (SSRF, file upload, vulnerable software, etc.). You can get DNS datasets from opendata.rapid7.com and use something like sonargrep (ilya.app/blog/sonargrep) to parse for suitable IPs, then use a script to scan. Modify the script if needed. - Create a phishing website and/or offer the binary as something legitimate. - Bind malware to an executable (game. legit software, etc.) and upload a torrent of it. This is a very old way to do it, and usually requires some sophistication (e.g. slowly becoming a trusted member to X site over time.) in order to maximize downloads. 06-15-2023, 03:40 AM if you know about XSS you can also look into affiliate marketing campaigns and low-budget ad campaigns. they usually allow you to either pay for each time your binary is installed (PPI affiliate networks) and don't do their due diligence with your binaries. easy business to hide malware in there. otherwise you could try to create a malicious advertisement that executes a downloading script or sth and submit it to a cheap ad campaign. bot of these ways cost money but tend to be effective too. |
« Next Oldest | Next Newest » |
Possibly Related Threads… | |||||
Thread | Author | Replies | Views | Last Post | |
Malware & Tool creation service | DerRoteMilan | 0 | 53 | 06-06-2023, 02:17 AM Last Post: DerRoteMilan | |
whoami 'malware' | malware | 0 | 81 | 06-01-2023, 04:06 AM Last Post: malware | |
[PoC] Doing malware self-destruction elegantly | KIARA | 2 | 146 | 05-31-2023, 09:54 AM Last Post: dkota | |
Cookie Malware | !67zIU | 4 | 211 | 05-28-2023, 11:16 AM Last Post: 167zIU | |
VB.net Code snippets for malware | scarab | 3 | 278 | 05-14-2023, 12:38 PM Last Post: napster2027 |