Open Malware began because I wanted to learn more about reverse engineering malware. Most of the reverse engineering texts were tomes dedicated to the craft of software piracy, or too basic to do any real malware analysis. The techniques largely consisted of finding the license check, patching them out, and then screwing the MIRC developer out of money. I wanted to look at malware, and it simply was not publicly available. The few samples publicly available were either so old to be useless, or not working.
1980s - 2004 Malware for the lolz
The antivirus industry was fully discouraging any outside research into their field. From invite-only events, to the Good Ol’ Boys network, they all actively sought to exclude noobs from the field. Those that shared quality samples had to do so in private, under the false assumption that it was unethical, immoral, or illegal. AV industry events tended to be a wash for content. There was a lot of marketing, distribution of new FUD propaganda techniques, and not much content. They were rich, happy, and sitting on an emergency.
Those of us who were looking at the legions of public joining the internet in droves, wildly accepting dodgy EULAs, pirating music through unsecured sites in combinations with the fantastic amounts of money being spent online were a recipe for disaster. The only way to fight against the surge of online thieves was to change the antivirus industry.
In 2007 Offensive Computing was founded. It began as a simple Drupal site that allowed file attachments, and the collection exploded. It started with 100 samples, quickly shot up to 1000, and we were starting to run into scaling problems. When the 40,000 sample mark was hit there was special pain involved.
Eventually the scaling issues were solved, and a generic malware upload / download site was created. I scaled the site up to 7 million+ samples. To scale I needed dedicated development time to work on it. Unfortunately I also needed a job, and had kids that were my ultimate priority. Furthermore I had some health issues that were consuming a lot of my time and energy. The site was languishing, so I renamed it to Open Malware to more accurately reflect what I was doing. Thanks to friends at Georgia Tech’s Information Security Center, I was able to avoid the overwhelming hardware costs and provide access to the site for a few more years.
The content and maintenance of the site languished as I realized it was impossible to be a good father, do a good job at work, and generate new content. The site languished, and I would eventually shut it down for good. Now I post here and on Twitter.
I have been lucky to have some really great mentors who have helped me become a better security analyst, software developer, reverse engineer, and manager. It’s my hope this site will help you learn how to analyze malware and compiled code.
How to Contact me