I want to be a Malware Developer.
Thread of the subject.
I am looking forward to be a malware developer. I have basic programming (ANSI C ISO 99 + Assembly )and computer science skills

I have a list of questions.

(1)What are some list of topics that I need to learn thoroughly?

(2)How much does a malware developer make on average monthly?

(3)Is there any legal job that deals with writing malwares (NOT MALWARE ANALYSIS) or is it a illegal profession?

(4)How can I hone my skills in malware development? And how much time do I need to devote to learning it?

Also, how do you make money selling malwares and how do you distribute it?
(09-04-2021, 12:26 PM)TheCodeGirl Wrote: (1)What are some list of topics that I need to learn thoroughly?

From what I can see, you already know some of the fundementals of writing good low level malware (ANSI C, Assembly and CS). But in my experience from talking to other people, it would be a good idea to learn some of this stuff https://greysec.net/showthread.php?tid=6825 If you can write low-level stuff you can more easily try to exploit the system (For example privilege escalation).

But its in no means nessecary to know. You can still write more easy/simple projects by just knowing like Python or other languages without any low-level knowledge. For example keyloggers, droppers, clipboard jackers, crypters etc.

One thing I would recommend learning about though is how crypters/binders work, how to bypass antivirus mechanics & PE-injection/PE-format. This will really help you to make more stealthy malware can be be undetectable by antivirus. I will drop some links here to some good resources:
- https://greysec.net/showthread.php?tid=6981
- https://greysec.net/showthread.php?tid=6805
- https://greysec.net/showthread.php?tid=3244
- https://greysec.net/showthread.php?tid=6806
- Malware development part 1: https://0xpat.github.io/Malware_development_part_1/
- Malware development part 2: https://0xpat.github.io/Malware_development_part_2/
- Malware development part 3: https://0xpat.github.io/Malware_development_part_3/

Also for learning about botnets I would probably recommend learning about topics such as networking. More specifically maybe topics like p2p/torrent-traffic or fastflux DNS.

I don't have a lot of experience writing malware though. Just do my own hobbie projects myself sometimes to challenge myself into bypassing AV. But I think you should maybe hit up Vector on here for more good advice (Our supermoderator & GS Devs leader).  He has more knowledge about this stuff.

(09-04-2021, 12:26 PM)TheCodeGirl Wrote: (3)Is there any legal job that deals with writing malwares (NOT MALWARE ANALYSIS) or is it a illegal profession?

That depends a lot on where you live. You country and laws etc. But in my experience, looking around for jobs like this myself sometimes. It seems like the best path to legal malware development would be through the government. A lot of governments has different agencies involved with writing malware. For example signals intelligence, law enforcement or military. If you look through those places to see if they have any cyber/it-departments. But other than that, I think in some countries you can work for private companies who does these things too, usually contracted by governments to develop it.

Another path could be red-team, like penetration testers. This isn't purely malware development. But you can write your own malware to use during engagements to inject your target during a penetrationtest.

(09-04-2021, 12:26 PM)TheCodeGirl Wrote: (4)How can I hone my skills in malware development? And how much time do I need to devote to learning it?

In my opinion. One of the best things to learn any code related stuff is to get your hands dirty. Try to write your own malware for yourself. And just try it out. Get a virtual machine, infect yourself. Scan it with different antivirus engines to see how it performs etc.

(09-04-2021, 12:26 PM)TheCodeGirl Wrote: Also, how do you make money selling malwares and how do you distribute it?

This is probably harder to do legally. Illegally though if you have knowledge and rep you can sell these in marketplaces in different blackhat forums. Or you can try to get yourself involved into different criminal groups and write malware for them. Like ransomware gangs. Not that I'd condone this stuff.

But more legally. Maybe like I mentioned before, see if there's any private companies involved with this. In some countries there are private companies involved in being contracted by different actors to write malware. More practical examples would maybe be like Hacking Team or the IT-security sector in Israel.
The only thing I can say - which Insider hasn't already mentioned - is that you can work producing content. You see, there is a difference between working *developing malware* and *using/selling malware*. Let's say you create a blog, channel, page, etc. You can post your creations, write-ups, showing your studies, techniques your malware uses, and so on. If it draws enough attention, you can get sponsorship or even a fixed spot at an anti-virus developer. The only extra is that your codes are already marked at birth.

Which is not bad, it can motivate you to study. Because each new malware will need to bypass the techniques that were used to detect the previous ones. Sounds like a good way to me and will keep you out of trouble. Possibly.
Hello CodeGirl

I feel we have similar aspirations. Aside from learning the technical skill that goes into making a potential product, in this case malware, I think an ongoing process is at least observing how markets and forums operate and how human nature plays into that. It seems to me that everything that happens online has the underlying same behavior that would be found "away from keyboard." What I mean to say is that personally I've found it to be a lot easier (but still challenging) to place myself in the minds of those I'm trying to reach and then work backward from there in terms of the technical steps that need to be achieved. Technology in this light is just a means to an end.

In keeping with this I would strongly suggest to be as discrete and observant as possible. The fringe areas of the internet, while in my opinion are the most interesting places to be, are largely populated by individuals who want easy money, status, and the excitement of doing illicit activities. To adopt a phrase from Apocalypse Now, the bullshit on the darknet piles up so fast you need wings to stay above it. Or silent unblinking eyes that can pierce through the layers. Just be careful. I'll stop now before going into some misconstrued nihilistic/misanthropic monologue...

To be clear, I myself have yet to make a single cent from my efforts, so who am I? These are just my observations. This is going to sound highly dubious, but I would suggest looking at the first part of Andy Grove's "High Output Management." It centers on how to create a production cycle and the issues surrounding it, whether you're creating stuffed animal toys and/or malware that's never been seen before. I am also a disciple of vertical integration if I understand correctly. Controlling all aspects of the levels of production, or at least having a majority control. I digress.

Hopefully this makes sense and is of relevant use.

I praise your entrepreneurial spirit and look forward to seeing how things develop.


Possibly Related Threads…
Thread Author Replies Views Last Post
  Most want suspected, ureteroneocystostomy, acceptability, catastrophic. eteyuke 0 36 Yesterday, 03:35 PM
Last Post: eteyuke
  Guide For Malware Development Inessa_Fevre 13 13,463 04-26-2022, 11:03 AM
Last Post: Ayumi_Nkm
  Malware Source-code Share Insider 6 22,055 02-22-2022, 06:50 PM
Last Post: itxfahdi
  Don't Connect Back - Beaconing Malware deviant 7 22,156 02-04-2022, 10:26 PM
Last Post: rektard