"Shhh. Be vewy vewy quiet, I’m hunting wabbits"– OK, I’m really hunting malware…

Malware logo Crystal 128.
All malware are not viruses, all viruses are malware!

When dealing with tracing malware and checking on the status of a website what tools do you use? You’d not want to infect your machine by browsing an infected site would you?!?

First, follow these lists and groups:

  1. “The Internet Storm Center (ISC) provides a free analysis and warning service to thousands of Internet users and organizations, and is actively working with Internet Service Providers to fight back against the most malicious attackers.”  http://isc.sans.edu/
  2. Follow the reports put by kafeine @kafeine and at http://malware.dontneedcoffee.com. You’ll usually finds the latest reports on web exploit kits and sites there.

Here’s a list of some of my go to sites/tools/methods, and in fact I’m inaugurating #HarryHack and #HarryHacks with this post! Note that for some of the links below there is a reference to atlassian.com which I checked out after some alerts and it came back clean – remove those from the links below and enter your own searches. I only left it there for you to see an example report in place of the default site’s screen:

Found a suspect site? Send it to these:

  1. urlQuery.net is a service for detecting and analyzing web-based malware. It provides detailed information about the activities a browser does while visiting a site and presents the information for further analysis.” http://www.urlquery.net/report.php?id=6157055
  2. Sucuri web monitoring and malware clean up service” http://sitecheck.sucuri.net/results/www.atlassian.com
  3. URLVoid.com is a free service that allows users to scan a website address with multiple website reputation engines and domain blacklists to facilitate the detection of possible dangerous websites, used to distribute malware and spyware or related to fraudulent activities.” http://www.urlvoid.com/scan/atlassian.com/
  4. “The DNS-BH project creates and maintains a listing of domains that are known to be used to propagate malware and spyware.” http://www.malwaredomains.com/
  5. Anubis is a service for analyzing malware” http://anubis.iseclab.org/
  6. “Wepawet is a service for detecting and analyzing web-based threats. It currently handles Flash, JavaScript, and PDF files” http://wepawet.iseclab.org/

Have malware to scan? Send it to these sites:

  1. “VirusTotal is a free service that analyzes suspicious files and URLs and facilitates the quick detection of viruses, worms, trojans, and all kinds of malware” www.virustotal.com
  2. ThreatExpert is an advanced automated threat analysis system designed to analyze and report the behavior of computer viruses, worms, trojans, adware, spyware, and other security-related risks in a fully automated mode.” http://www.threatexpert.com/

Happy hunting!

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s