Finding Sample Malware(s)?

Discussion in 'Virus Information' started by John, Feb 7, 2005.

  1. John

    John Guest

    I like to research malware, but the only samples I ever get are what
    friends give me to examine. I do not mind whether the malware is new or
    old, or anything special.

    I would like to set up a honeypot, but do not have the resources, as I only
    have two systems currently and both are pretty much in use all the time.

    I was curious if anybody knows of places I can get sample malware files?
    Maybe from people that own honeypots?

    So far I was thinking of looking for virus groups, or maybe submitting my
    email addresses to some advertising websites, or websites that sell email
    lists, so that I can receive spam with malware to analyse.

    I would appreciate any advice, thoughts or suggestions that you have.

    John, Feb 7, 2005
  2. John

    Malke Guest

    If you don't have a system to trash, don't do this! Otherwise,
    disconnect the computer you want to save from the network before you
    start. Image the drive you are going to trash so you can quickly and
    easily restore it.

    Then simply Google for (and download) Bargain Buddy, My Daily Horoscope,
    Kazaa, Smiley Central, Bullseye Network, Altnet, free pr0n (make sure
    you install the "free" viewers so you get a good dose of viruses), and
    your system will be infested before you know it. Go to any one of the
    malware-fighting sites to get more names of malware if that isn't
    enough for you. Oh, and don't forget to remove any antivirus and
    firewall programs you've got installed.

    Frankly John, if you didn't know how to do that, I question the validity
    of any "research" you're doing, but if you want to wreck one of your
    systems - well, you've been warned. It will only take a few minutes.

    Malke, Feb 7, 2005
  3. John

    Catamount Guest

    Or, just load Windows with no hotfixes and connect it to a broadband
    connection. It will be stuffed full of fun in 10 minutes. :)
    Catamount, Feb 7, 2005
  4. John

    John Guest

    Out of the two systems, the one is my "normal" computer and the other is
    a kind of test system, I always use it for testing stuff, it usually has
    a fresh install of one operating system or another every other day I
    would say.

    So that is the computer I would use for testing. I have contemplated
    using that for a honeypot, but how often I use it for stuff or reinstall
    I wouldn't really have much time to monitor the activities of worms
    that compromise the machine, because I would have probably only two days
    to watch what it does before I reinstall again.

    I am considering buying a second hand machine for use as a honeypot
    though, they can be found very cheaply in local newspapers, so it could
    be a worthy investment.

    Those are some good suggestions, but those are more mainstream
    adware/spyware type of malware. I am looking for things more like worms,
    viruses (virii?) and possibly IRC bots etc., to kind of monitor what is
    going on in the underground, if you like to call it that. I have more of
    an interest in this type of malware than corporate malware, if you would
    like to call it that.

    I appreciate your opinions, and I appreciate you replying to my post even
    more so. Thanks.
    Sadly at the moment I do not have a spare computer to use as a honeypot,
    only my normal computer and my test computer, but I am seriously
    considering buying something cheap to use as a honeypot.

    Thank you both for your replies.
    John, Feb 7, 2005
  5. John

    Bigbruva Guest

    Stay away from the dark side Luke! :)

    Before you spend the money on the hardware you might want to check out a
    book or two that would help you understand the technology behind the
    Just search on Amazon for Malware and pick a book that matches your
    Once you have got through a few of those you might have discovered enough to
    quench your thirst without having to shell out on another PC.

    Final bit of advice, be careful!


    PS My sincerest apologies for the use of a Star Wars reference, I will now
    go and stand in the corner for the rest of the day ;-)
    Bigbruva, Feb 7, 2005
