Exclusive: Most of the Malware Exploit kits running in Vulnerable nginx server


Bad guys always attempt to exploit the vulnerabilities in victim's system and infect their system with a malware.  It's our turn, Let us hack them back and break into their box.

Malware Must Die(MMD) Team has discovered that most of the malware exploit kit servers, malware page redirection server and malicious proxy servers are using vulnerable version of nginx server.

The team has released poc codes "that was coded & released in Full Disclosure by KingCope" that will be helpful to break into the malicious server and gain access to them by exploiting the known vulnerabilities.

It can be found here: http://pastebin.com/eX69Db7B

The vulnerability allows the security researchers to take control of the server and obtain the infection source codes.  In some cases, it also helps to track the cyber criminals.

Ransomware, IRC Worm, Zeus, Botnets source codes shared in Germany Torrent

Malware Must Die Team found source codes of Botnets was being shared in Germany Torrent website. 

The team successfully grabbed all of the data from the torrent.  Shortly after they downloaded the files, the account that uploaded the files was closed and the file shared was deleted.

According to the team, the malware source codes are old one , mostly from three to four years ago. "most of them are bots/botnet clients source codes of various malicious implementation and some of them are still considered a 'useable' stuff." The blog post reads.


The screenshot provided by the team apparently shows they have the source codes of Zeus, Ransomware, IRC Worm, Sql Brutter Client and UNIX Bot (Client).

Today, one more member from the team found similar source code is being shared openly via HTTP in a website hosted in Sweden .

The malware must die team is ready to share the source codes only with Av industries, authorities and trusted security researchers.