Malwarebytes was born out of the malware fighting community. I am not just talking about antivirus vendors and experts but also about everyday people who wanted to take a stand against malware and help other people fight it too. It is because of that origin that we not only try to give back to the community as much as possible but also depend on the community to help us in the fight against malware. This blog post is about how YOU can help us out in the fight. It also gives you some insight into our processes and how you can use Malwarebytes Anti-Malware to its fullest potential to help your friends and family do the same.
Our Process
In order for us to protect our customers from the latest threats, we have to constantly update our central database with new detection definitions and pass them down to each Malwarebytes Anti-Malware client. Every single day, our researchers write new definitions based upon the malware they are able to collect and analyze.
Submissions
If you are wondering where you might fit into this process, it would be in sending in malware samples to our researchers. Do you need to be a malware expert to do this? No. Do you need to have a heavy technical background? No. All you need is the drive to find new and interesting malware that we don’t currently detect and an account on our forums so you can submit what you find. Here is how:
1. After you have an account, direct yourself to our Research Center Forums. There are two of them:
- New Rogue Threats – You would post Rogue Antivirus programs here.
- New Malware Threats – You would post all other types of malware here
Topic Title Field: name of the sample(s)
You can use the Topic description field as well if you have multiple samples.
Content of post:
samplename : MD5 hash - url to VirusTotal report
samplename : MD5 hash - url to VirusTotal report
samplename : MD5 hash - url to VirusTotal report
....
* Attachment = the sample(s)+URL(s) to the sample (if available). If you want, you can zip the text file of URL(s) and add as a second attachment in your post, your choice.
Submission Tip: If you can’t obtain the MD5 hash on your own, don't worry, when you send the file through an online scanner, such as VirusTotal, it should provide that value for you.
4. Next, you need to go back to the listing for the “Newest XXXXX Threats” forum and click the “Start New Topic” button on the top right.
5. You will be directed to a page where you can fill out and submit your malware sample. In addition to any scan reports you decide to include in your post, by following the template above and inputting the necessary information, you should end up with something like this:
Submission Tip: You can also use this area to input any useful information about the file, such as where you obtained it from and/or which directory you found it in when the file was discovered. Anything that can help us stop this malware and other malware like it from spreading to any more victims is helpful and we greatly appreciate it.
6. Your next step would be to double check that you have uploaded the file and click the “Post New Topic” button.
Congratulations! You just took a stand in the fight against malware, thank you! You should see a response from one of our researchers shortly, thanking you for your submission or asking for any further information they may require.
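The post body from the template above can be generated rather than typed by hand. The following is an added example, not Malwarebytes code: it hashes each sample without opening or running it, drops byte-identical duplicates, and emits one template line per file. The VirusTotal report URL format is an assumption, and the link only resolves once the file has been scanned there; the file names and contents in `demo()` are constructed, harmless stand-ins.

```python
import hashlib
import tempfile
from pathlib import Path

# Assumed VirusTotal report URL format; valid only for already-scanned files.
VT_REPORT_URL = "https://www.virustotal.com/gui/file/{digest}"


def md5_of_file(path, chunk_size=1 << 20):
    """Hash in chunks; the sample is read as bytes and never executed."""
    digest = hashlib.md5()
    with open(path, "rb") as handle:
        for chunk in iter(lambda: handle.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def build_post_body(sample_paths):
    """Return one 'samplename : MD5 hash - url' line per unique sample."""
    seen = set()
    lines = []
    for path in map(Path, sample_paths):
        digest = md5_of_file(path)
        if digest in seen:
            continue  # same bytes under another name: skip the duplicate
        seen.add(digest)
        url = VT_REPORT_URL.format(digest=digest)
        lines.append(f"{path.name} : {digest} - {url}")
    return "\n".join(lines)


def demo():
    """Constructed stand-in files; real use passes paths to actual samples."""
    with tempfile.TemporaryDirectory() as tmp:
        first = Path(tmp, "sample_one.bin")
        copy = Path(tmp, "sample_one_copy.bin")
        second = Path(tmp, "sample_two.bin")
        first.write_bytes(b"abc")
        copy.write_bytes(b"abc")
        second.write_bytes(b"")
        return build_post_body([first, copy, second])


if __name__ == "__main__":
    print(demo())
```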
Malware Hunters
With all the samples coming in from contributing users, how do we narrow down the number of samples to only the most time-sensitive and unique ones? The ones which are the most important for us to be able to detect and remove right away? Enter the “Malware Hunters” group.
The Malware Hunters group consists of individuals who have contributed the highest amount of unique and critical files to our efforts and generally are the best at fighting and discovering malware. There are some perks to being a Malware Hunter as well:
- The ability to download samples from our forum to study.
- Submitted samples are looked at with a higher priority than those from Non-Malware Hunters.
- Access to tools which make submissions even more efficient.
- A spiffy title on the forums.
- Contribute unique and interesting samples frequently.
- Contribute verified malware samples frequently, not just false-positives.
- Have a dedication to fighting malware that stands out and gets our attention.
Effectiveness
So you might not be cut out for finding new malware to submit to our researchers, but you still want to do something to help the fight. You should remember that the fight against malware starts with every single user and how they keep themselves safe below the level of calling tech support.
Updates
I think a lot of people, who are not very familiar with fighting malware, believe that if you install an Anti-Malware solution then you will never need to update it and will be safe forever. The truth is that new malware is always being developed and unleashed upon the masses. Sometimes the malware itself is not new but the way in which it conducts its operations is slightly different, enough so to evade previously developed definitions; we call these slightly different types of malware “Variants.”
Here is an example of what might happen when not frequently updating your definitions:
User A has been using Malwarebytes Anti-Malware for a while now and even though he sees the pop-ups which inform him that his database is outdated, he ignores them because it seems like something he could probably put off.
User A decides that since he is protected, he doesn’t need to think twice about loading up a program he downloaded off of a shady website which popped up yesterday.
As it turns out, the program had Ransomware hidden within it and now he cannot access his files.
User A then calls up User B, who is into computer security, and asks for her help.
User B knows that User A is using Malwarebytes Anti-Malware and searches our forums for some help on fighting Ransomware. She finds a thread which gives a walkthrough and talks User A through how to reboot his computer in safe mode and run a scan with his instance of Malwarebytes Anti-Malware.
User A reports that it didn’t detect anything and begins to have a panic attack.
User B asks if User A had updated his definitions recently. User A replies that it has been a little while, about a year or so.
User B stares at the phone headset and sighs. She then tells User A to update his definitions and run the scan again.
User A does so and the Ransomware is detected! It is removed and he once again has access to his files.
So you see, sometimes the best way to protect yourself from new malware is to simply update your Anti-Malware/antivirus definitions regularly, otherwise you might end up being a User A. This same advice is helpful for any friends or family you have that might be in trouble with some malware and aren't as proficient as you are at getting rid of it.
Being Suspicious
With technology in nearly every aspect of our lives, it’s not hard to fall into a comfort zone when it comes to things like security. However, this fact is something that a lot of malicious attackers and malware distributors attempt to exploit, usually ending in your personal information being stolen or destroyed. Being suspicious while using any device is always a good way to keep yourself safe. Here is a list of some things to always be cautious about:
- Whenever you input ANY personal information, make sure you trust the destination.
- When opening e-mails make sure you have some kind of layer between you and the e-mail, whether it be a web interface like with Gmail or security precautions to not view HTML in emails.
- Only download software from legitimate sites that you know you can trust. Using shady websites or torrents can lead to an infection by malware.
- Always be prudent when it comes to security for your mobile devices. Make sure they have passwords or other security measures. Just as you can get attacked over the internet, you can be attacked by just leaving your laptop or cell phone unattended in a public area.
- Don’t connect to any Wi-Fi networks unless you know and trust the source. This is especially true for airports and hotels.