Embed Malware in Alternative Data Streams

  • Published 1 Oct 2024
  • Hey Hackers!
    MalwareDNA: github.com/Cos...
    I hope you enjoyed the video. If you have any questions make sure to leave them in a comment down below. You can also contact me through my website on the "Contact and Information" page or on my discord server.
    Want to support CCS?:
    Happy Hacker: cosmodiumcs.co...
    GoFundMe: www.gofundme.c...
    Socials:
    Website: cosmodiumcs.com
    Instagram: / cosmodium.cs
    GitHub: github.com/Cos...
    Discord: / discord
    Make sure to like and subscribe!
    Happy Hacking!

COMMENTS • 35

  • @Counterhackingsafe 1 year ago +2

    Awesome 👏 thank you for this walkthrough, I'm definitely trying it out.

  • @smoggy6270 1 year ago +3

    hi mate i'm just starting in this world and i don't know which pc to buy. what are your pc components, and which pc would you recommend me to buy? thanks for sharing these interesting videos

    • @CosmodiumCS 1 year ago +3

      Yeah ofc! I honestly just have a laptop and a mic lol. I don’t even have an external keyboard atm XD. But honestly get something with decent storage (256GB-1TB), a modern CPU, and RAM (8gb minimum). If ur gonna do a weirdly large amount of password cracking (or gaming) then get a good graphics card but most will suffice.
      My components:
      32gb ram
      1tb storage
      11th gen intel i7
      Intel Iris Xe graphics card

    • @smoggy6270 1 year ago +1

      @CosmodiumCS thank you bro!!! greetings from México

  • @n0tt_sec 1 year ago +2

    I'm a little late to the party, but this and your video on shortcutting malware on USBs work very well together. Especially since this won't show even if people have their pc set to show hidden files/folders.

    • @CosmodiumCS 1 year ago +2

      i don't know why this never crossed my mind hhahaa! epic 🔥

  • @igornemorssa2936 1 year ago +1

    This technique stopped working. Syntax is incorrect

    • @kazekazuo 1 year ago

      Why?

    • @redax101 7 months ago

      This only worked for me when using cmd instead of PowerShell

  • @ZacLangston 1 year ago +1

    This is so cool. Question: would an AV be able to detect this, say if it was in a folder with another .exe that runs the alternate stream .exe?

    • @CosmodiumCS 1 year ago

      Yeah that’ll likely work, AV will be more concerned about the main exe than it would be for the ads exe.

    • @ZacLangston 1 year ago

      @CosmodiumCS wow this is so cool

  • @menatic4577 1 year ago +1

    Cosmos taking this game on a different level. Got a lot out of this video. Been playing around with some Rust recently, what do you make of Rust for mal dev or offsec in general?

    • @CosmodiumCS 1 year ago

      I genuinely think it’s a great language with a lot of needed capabilities. New languages for malware are great because AV has not yet recognized its compilation signatures. However, there’s a “new” language every year. Rust, Go, carbon, nim, most recently “zig”. These languages have not yet hardened and likely have numerous vulnerabilities that will need to be patched down the road. We saw this with java and log4shell. C/C++ have been out for decades and have had years of tweaks and fixes. I will probably learn rust later this year but i do have concerns about new languages in the wild. Hopefully them being out in the wild gives them the opportunity to harden :)

    • @menatic4577 1 year ago +1

      @CosmodiumCS Mate trust me Rust is a lot safer than C and C++ when it comes to security or vulnerabilities. Rust's number 1 priority has always been safety, otherwise it won't let you even build an executable. It's got numerous security mechanisms and things like buffer-overflow attacks are out of the question in RUST. It's also got the cargo feature which is much more convenient to download external libraries compared to C and C++. I think you should defo give it a go.

    • @CosmodiumCS 1 year ago +1

      @menatic4577 oh bet! I didn’t know too much about it. I’ll def give it a shot🔥. May be time to learn another language 😭

    • @Skyler2249 1 year ago

      @CosmodiumCS that's true, rust is the most secure of all programming languages.

  • @gameboyv1790 1 year ago +1

    hey

  • @QusarWilson 11 months ago

    Cosmodium Bro!!! Love your work man. Your explanations are easy to grasp and experiment. New Sub activated. Quick suggestion Cosmodium bro, could you do AV and *DR evasions?

    • @CosmodiumCS 11 months ago

      Great suggestion! I will def pull some of that content together. Appreciate the kind words :D

  • @css2165 1 year ago

    i have a question. if you remotely host this malware through tcp and a victim downloads the ads.png file, does it automatically get all the alternate data streams, or are those completely separated from the actual file?

    • @CosmodiumCS 1 year ago

      I think I mentioned this in the video but u usually need to zip it in order to pull down the ads. Unless if u host it on an ntfs and not ext4, u may not have to zip it. (But i would try and see)

    • @css2165 1 year ago

      @CosmodiumCS thanks

  • @NoName-ik7du 5 months ago

    Is there a way to execute hidden payload in ads? It seems like the whole purpose of this technique is kinda useless, since you would need a separate file that will execute payload in ads. Great tutorial tho! 😊

    • @CosmodiumCS 5 months ago +1

      Hey! I would definitely not say it’s “useless”. It’s a fairly common side channeling technique, especially for hiding and spreading malware on a system. Yes..u do need a separate payload to execute, but like most malware, having this stager is a lot less inconspicuous than directly running the malware

  • @Echownz 1 year ago +1

    Great tutorial!
    Is it basically steganography?

    • @CosmodiumCS 1 year ago +1

      Thank ya! But no it is not steg. Steg is to embed the malware in the file or its metadata. ADS is connected to the file, but not in it. ADS could be considered to be in the same category but the embedded payload can only exist on the ntfs file system. if you were to load the ads.png with all the embedded files on to a linux machine, the data streams would be wiped (unless u zipped it)

    • @Echownz 1 year ago +1

      @CosmodiumCS ohh I see, I was asking because I'm working on malware detection in WAV files and steganography, just asked on the discord server about that because there's a lack of info about malware in audio files

    • @CosmodiumCS 1 year ago +1

      @Echownz OHH WASSUP DEFALT! I never know the connections between the discords and the YT’s. You been watching for a while lmfaoo. But yeah there isn’t too much about WAV file ransomware. I’ll be making a video on polyglot files soon. Could probably help with your project 🔥💯

    • @Echownz 1 year ago +1

      @CosmodiumCS yeah LMAO the usernames don't match but finally you got it ;)

  • @PraveenKumar-mm1br 1 year ago

    What happened to your python C2 project? Did you discontinue it?

    • @CosmodiumCS 1 year ago

      Yes, because i made it better👀. Vid on it soon!

  • @igornemorssa2936 1 year ago

    Excellent tutorials 💯💥 Please continue with these methods 👍👍