Does Posting The Code Of Malicious Malware Help The Security Community?

If you are a software developer, then you know how important the source code of a project can be. When you look inside something as vital as the source code, you can see all of the secrets that are inside the program. Showing the source code to the world is basically the equivalent of the human body being opened up and examined.

So you might think that it is a good thing that the source code of a malicious tool is available for the world to see. It really can be. But it can also be very bad. In this article I will talk about both the good and the bad of having a piece of malware source code available for the world to see.

The good that comes from posting the source code of a malicious piece of software

The one thing that is hard about computer security is trying to predict when the bad guys are going to strike. If you are someone who has the ability to really analyze what is in front of you, then having a sample of malware source code allows you to predict the bad guys' behavior. True, the source code will only show you the behavior of the bad guy who wrote it, but it will show you the mindset of the people on that side of the fence. Just like in any other part of the computer world, they are sure to gather in groups online and speak to each other. When they do this, they learn from each other and share techniques. Most of the time, if you catch one member of the group, you are going to learn something about the other members as well. In the world of computers, very few people start their projects completely from scratch, and that includes the bad guys.

Along with learning the behaviors of the bad guys, you will also learn several of the techniques that they use. You will be able to take the source code and create barriers around your projects so that the particular piece of malware that you are looking at will not be able to affect them. When a medical scientist needs to find a cure for the latest virus that is going around, they get a sample of the virus and work from there. This works in the computer world as well. Usually when a company is trying to find the cure for an online virus, they look at what it is doing and try to block those effects. If you have the source code available to you and you know exactly what it is doing, then it is even easier for you to stop it.

The bad that can come from posting the source code of a malicious piece of software

While I have shown the good that can come from posting a piece of source code from malware, I must also tell you that there are bad things that can happen. While everything that we do in life has a cause and effect, some of the consequences of trying to do the right thing can be dire.

When you have the source code of a piece of malware that can be dangerous, it is up to you to make sure that you are doing the right thing by posting it. One of the things that can happen is that you can easily influence the next generation of malware writers. When they get to see a piece of code that is pretty much a blueprint of working malware, they can start to work off of that and then branch off to make their own version. They know the mistakes and the good ideas that were involved, and they can take or leave these clues.

Even worse than someone who is inspired by the source code that you are showing is someone who takes the code verbatim and tries to use it in an attack. There are attacks all of the time that use old pieces of malware that have already been defeated by most antivirus solutions. Some black hat hackers still use this option because either they do not know how to create another attack or they know that there are still a lot of people out there who have not defended their machines from this attack. People who have not done that will also be easier targets for other cyber attacks.

The availability of the source code from a piece of malware can be both a good thing and a bad thing. It can be a good thing because the good guys will be able to learn from it while they strengthen their system. It can be a bad thing because the bad guys will be able to learn from it as well.

About Lee Munson

Lee's non-technical background allows him to write about internet security in a clear way that is understandable to both IT professionals and people just like you who need simple answers to your security questions.


