
How to get started as a Malware Analyst?


6 replies to this topic

#1 DrShade

DrShade

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:06:22 AM

Posted 09 June 2015 - 02:48 PM

Sorry if this is posted in the wrong section.
 
A little about me: I'm going to be a sophomore in the fall at university, my major is Computer Science (Information Assurance). I've been interested in malware/antivirus since the sixth grade. I remember removing the McAfee security software from my family computer and replacing it with other vendors (Kaspersky, Bitdefender, ESET, etc.). I also used to watch YouTube reviews of said vendors and other antimalware software, and have just recently acquired my own Virtual Machine and I install malware on there and use different products to see which can best remove the malware.
 
Anyway, how would you suggest I go about becoming a malware analyst? I've made a list of books to study (Practical Malware Analysis, Art of Memory Forensics, Malware Rootkits, Botnets: A Beginner's Guide, etc.). I also like to read Kaspersky's Threatpost and Malwarebytes' blog. Any other tips to get me started in my dream career?




#2 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,594 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:22 AM

Posted 09 June 2015 - 03:01 PM

Since you asked the question on Malwarebytes Forums as well, I'll just post the thread link here so people will know what was suggested already.

https://forums.malwarebytes.org/index.php?/topic/169167-how-to-get-started-as-a-malware-analyst/

Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#3 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,267 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:09:22 AM

Posted 09 June 2015 - 07:03 PM

As suggested at Malwarebytes...continue to read and study all you can.

Malware Analysis & Forensics Resources:

Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

#4 PresComm

PresComm

  • Members
  • 109 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:22 AM

Posted 10 June 2015 - 07:16 AM

DrShade,

 

I will echo what the others have said and reiterate to just keep reading. Read, read, read. That having been said, I will be putting up a page on my blog, The Presumptuous Commoner, in the very near future listing the dozens of websites, blogs, feeds, etc. that I follow on a daily basis. A good portion of what I now know came from reading articles from researchers, anti-virus companies, and vulnerability disclosures and taking the time to Google what I didn't understand. I followed the knowledge breadcrumbs, as it were. Keep checking the blog for that page to manifest.

 

If you are comfortable and have taken the time to set up a safe laboratory environment, the OpenSecurityTraining.info video series on YouTube is par excellence. They have day-long classes broken into individual videos, they provide the samples and slides and other things to help you follow along from home. Again, they have you work with live samples, so a decent knowledge level of how to maintain a safe lab environment separate from your vital systems is important.

 

Like most things, it comes down to passion and dedication. Study, ask questions, and push yourself and you will find yourself where you want to be.

 

Best of luck.



#5 DrShade

DrShade
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:06:22 AM

Posted 10 June 2015 - 11:21 AM

Thanks guys. I plan on getting my Masters in Information Assurance, how much will that help me in terms of material learned and job competitiveness? 

Also, should I read about other fields related to malware analysis such as network security and hacking? How much (if at all) would reading about other fields help me?



#6 PresComm

PresComm

  • Members
  • 109 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:22 AM

Posted 10 June 2015 - 11:45 AM

I cannot speak to the competitiveness of the field nor the usefulness of such a degree, since I don't have any exposure to the job market in that area.

 

As far as reading about other fields, it never hurts to know. When working with malware samples, you may very well find yourself sniffing network traffic to see what communication the malware is eliciting. Knowing about current vulnerabilities and exploits will help you understand how malware may have entered a system.

 

But really, these fields are so fast paced, keeping an eye on the news and what other security experts/analysts are saying/doing will tell you what you need to be learning. If you see malware analysts constantly referring to decoding XORed code, then you should probably ask some questions to yourself. What is XOR? Why do malware authors use it? How can I decode it? If you read current news and analysis write-ups and take the time to research what you don't understand, you will start to feel where your skills need to be developed and sharpened.

 

That is just my opinion, of course. I have learned immensely using that methodology.


Edited by PresComm, 10 June 2015 - 11:45 AM.


#7 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,267 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:09:22 AM

Posted 10 June 2015 - 01:35 PM

Another great way to learn is to enroll and complete training conducted at various online Unite Schools.

See this link for the one here... BleepingComputer's Malware Removal Training Program.



