Day at theZoo

No, that is not a typo. The original theZoo is a GitHub repo with commodity malware samples. Commodity malware is off-the-shelf: everyone has access to it, and it’s the most common type. No Advanced Persistent Threats here. But your anti-malware software will probably flag the samples.

It’s neat because you can use it to study this code. Alternatively, you could do some things that are not recommended. You could create a phishing email that could be sent to a million users, not targeting anyone in particular like the APTs do. The APTs and other lone hackers or groups create more sophisticated malware. Users of commodity malware (sometimes called script kiddies) can instead download, say, WannaCry ransomware and send it out through that phishing email (or through a “stager” email malware that will load other modules). No reconnaissance needed here.

Think about it: if only one percent of a million users open the email, you end up with 10,000 compromises. Not a bad payday.
