Hackers’ Contest to Create Even More Malware
Posted by Peter James
The annual Defcon hackers’ conference this August is featuring a strange competition. Called Race to Zero, it is described as follows:
The event involves contestants being given a sample set of viruses and malcode to modify and upload through the contest portal. The portal passes the modified samples through a number of antivirus engines and determines if the sample is a known threat. The first team or individual to pass their sample past all antivirus engines undetected wins that round. Each round increases in complexity as the contest progresses.
At first glance, this may seem like a good idea: finding weaknesses in antivirus software in order to spur vendors to detect more malware. But on closer inspection, it turns out to be a very dangerous game indeed.
Security companies have a hard time stopping the proliferation of malware, and researchers attempting to make this even harder can only harm the broader community. In this contest, a large number of hackers will create dozens, even hundreds, of variants of existing malware, which will then easily go into circulation. If their hacks are successful, this provides fodder for malware writers, helping them tweak their code to further evade detection. While the hackers in the contest may have good intentions, the result of their game is likely to be an increase in malware.
In addition, one of the contest’s rules shows just how dangerous this game is:
6. Techniques used to perform mutations will not be submitted to antivirus vendors without contestants' approval but may be used during our post-contest round-up presentation.
What this means is that any contestant can take his technique home, or share it, furthering the spread of dangerous malware. If, on the other hand, the contest stipulated that all techniques would be shared with antivirus companies, at least those responsible for ensuring end-user security could be aware of them and improve their detection. This sort of conference is generally non-malicious, and hacks are usually found and shared for the good of the greater community. But this strange rule suggests that what has long been the attitude of the white-hatted hacker may be changing.
“We are especially worried that contestants or other participants will use this contest to develop techniques that may release new versions of very dangerous malware,” said Laurent Marteau, CEO of Intego. “Encouraging hackers to spend their time writing more dangerous malware is not part of the hacker ethic; it is likely to lead to dangerous results for all computer users around the world.”