Whitehat malware


This is kind of just a pointless funny thought I had that maybe someone will take literally. What if whitehats started writing malware that, when it infected a machine, would check for things such as the firewall being turned off, Internet Explorer as the default browser, no AV installed/updated, and then would auto-correct these issues and even educate the users on basic security practices? I just thought I would share that; I think it would be a funny thing to do :p


Actually, some companies do do just that. Pentest companies sometimes are hired to do what you mention, like phishing email training while also assessing their systems. I know, because I help some of them make the files and quizzes, but someone going solo to "patch" users' machines, without permission, is more a grey area than whitehat in my mind.

Access without permission or knowledge of the owner is still a crime, even if it's to fix flaws (although I totally agree it's a good thing to fix them). There have been people that have written botnets and worms that patch and close holes, but if you get caught, you're still committing a crime in nearly all parts of the world if someone wants to press charges and you got caught.

I, for one, like the idea of cleanware (if I can coin the phrase), since what you describe to me is less malware and malicious, and trying to do a service for good, but that's how people get themselves in trouble a lot of times.

Not going to debate if it's good or bad to patch a system you see a flaw in (I would, but that's just me), but I've contacted domain owners, etc., when I've found holes or such that are externally facing and easily found, often without even trying to trigger an error or flaw. Many times, it comes with backlash too though, and trying to get vendors and programmers, host companies, etc., to fix flaws is not as easy as it sounds. Getting them to even respond to you half the time is even harder, or trying to find the right contact person can be damn near impossible, and they always pass the buck with things like "this is on our subnet range, but not hosted by us directly, and as such, we're not responsible" kind of stuff, and you end up having to track down every name, email, person, phone number attached to the site, and it becomes a full-time job just to tell someone "Hey, this is broken, here's the flaw". I believe in responsible disclosure, but often the only way to handle it is just go public with the flaw since it's the only way to get someone to fix it, which in itself has its drawbacks, and puts you square on the chopping block. Had it happen personally.


Wow, that would actually be quite funny and cool at the same time? Strangely enough I thought of something similar.

Would still break the law but in a good way?
How about at the same time it would remove malware and trojans?

White hat malware? Genius!



If whitehats wrote such code, which we do, it wouldn't be considered "malware" as it's not inherently malicious. Depending on the application(s), some software has management consoles, which means we can literally see what people have/lack and can automatically or manually push updates to the machine.

For some companies, it's much easier to create a simple script to make sure all the required default services are turned on (or off) upon user login.

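One way to write the kind of login script the last post describes, as an added example that is not part of the original thread or any poster's code: it checks the firewall, antivirus and a service baseline on a machine the administrator is authorized to manage. The service baseline, the 7-day signature threshold and the `-ReportOnly` switch are assumptions chosen for illustration.

```powershell
# Added example: baseline check for a managed Windows machine, run at logon
# (GPO logon script or scheduled task) with administrative rights.
param([switch]$ReportOnly)   # hypothetical switch: report drift, change nothing

# Assumed baseline for illustration; replace with your organisation's policy.
$ServiceBaseline = @{
    'EventLog'       = 'On'    # Windows Event Log must be running
    'RemoteRegistry' = 'Off'   # Remote Registry must not be running
}
$findings = @()

# 1. The firewall must be enabled on every profile (Domain, Private, Public).
foreach ($fwProfile in Get-NetFirewallProfile) {
    if ($fwProfile.Enabled -ne 'True') {
        $findings += "Firewall profile '$($fwProfile.Name)' is disabled"
        if (-not $ReportOnly) { Set-NetFirewallProfile -Name $fwProfile.Name -Enabled True }
    }
}

# 2. Defender must be active with recent signatures (third-party AV needs its own check).
try {
    $av = Get-MpComputerStatus -ErrorAction Stop
    if (-not $av.RealTimeProtectionEnabled) { $findings += 'Defender real-time protection is off' }
    if ($av.AntivirusSignatureAge -gt 7) {
        $findings += "Defender signatures are $($av.AntivirusSignatureAge) days old"
    }
} catch {
    $findings += 'Defender status unavailable (not installed, or another AV is in use)'
}

# 3. Each listed service must be running ('On') or not running ('Off').
foreach ($name in $ServiceBaseline.Keys) {
    $svc = Get-Service -Name $name -ErrorAction SilentlyContinue
    if (-not $svc) { $findings += "Service '$name' not found"; continue }
    $wantOn = $ServiceBaseline[$name] -eq 'On'
    $isOn   = $svc.Status -eq 'Running'
    if ($wantOn -ne $isOn) {
        $findings += "Service '$name' is $($svc.Status), baseline says $($ServiceBaseline[$name])"
        if (-not $ReportOnly) {
            if ($wantOn) { Set-Service -Name $name -StartupType Automatic; Start-Service -Name $name }
            else         { Stop-Service -Name $name -Force; Set-Service -Name $name -StartupType Disabled }
        }
    }
}

# 4. Show the user what drifted; the findings are also emitted for logging.
if ($findings) { $findings | ForEach-Object { Write-Warning $_ } } else { Write-Output 'Baseline OK' }
$findings
```

Running it with `-ReportOnly` first shows what has drifted from the baseline before any setting is changed.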
