idea for malware hub!

omidomi · Aug 23, 2014

i have an idea.
i said Malware1 open new froum and access to a few trusted user (active users in malware hub) put pack there and do not SUD them to vendor too see when vendor detect un SUD viruses?
and messure time and get score to AV that detected sooner.
and speak about it which one off them is faster detection!
sorry for my bad english!

its not mean close malware hub!
i said start new forum beside last forum!

MalwareHunter · Aug 23, 2014

Not a bad idea, but think into this example:
@Malware1 finds a new FUD malware. If he will post in a private forum section, and people will check them like every hour to see which vendors' product will detect it firstly or anything, without submission, the malware will spread in the wild under that time. If the people submit that FUD file as soon as possible, it means that they stop (not fully, but at least on that computers which use vendors' products which will detect the file soon after the submission) the spread of that malware. And for example, that FUD file is a new locker variant. What you will say if PCs get infected with it because we played with the file in the private section without submissions?

So, the idea is good, but some work needed on it.

Malware1 · Aug 23, 2014

i won't stop submissions

omidomi · Aug 23, 2014

i said trusted people like malware1 check that not all member and people .

Malware1 said:
i won't stop submissions

i amnot said stop that.
i said make new forum beside last forum. and get access to few member too see the links .
i want know which AV detected faster...

MalwareHunter · Aug 23, 2014

omidomi said:
i said trusted people like malware1 check that not all member and people .

That's ok, it's not the point. The point is: the FUD file in that example won't be submitted to vendors, because @Malware1 or any trusted member will wait which vendor will the fastest on detection without submissions. Do you understand it?

omidomi · Aug 23, 2014

MalwareHunter said:
That's ok, it's not the point. The point is: the FUD file in that example won't be submitted to vendors, because @Malware1 or any trusted member will wait which vendor will the fastest on detection without submissions. Do you understand it?

yes of course!

Malware1 · Aug 23, 2014

MalwareHunter said:
That's ok, it's not the point. The point is: the FUD file in that example won't be submitted to vendors, because @Malware1 or any trusted member will wait which vendor will the fastest on detection without submissions. Do you understand it?

I won't wait, i'll submit the files anyway. The point is to send undetected samples, I don't upload packs to test AVs.

MalwareHunter · Aug 23, 2014

Malware1 said:
I won't wait, i'll submit the files anyway. The point is to send undetected samples, I don't upload packs to test AVs.

Yes, I know that.

I'm just tried to explain to @omidomi why this idea isn't good as is now.

Chromatinfish 123 · Aug 25, 2014

The point of the hub is to quickly send undetected samples to AV vendors to reduce the time between a signature update and releasing of malware. If you want to test AV, just do not update the definitions to the latest versions, IE, simulating a zero day like thingy

Search

idea for malware hub!

omidomi

Level 71

MalwareHunter

Level 17

Malware1

Level 76

omidomi

Level 71

MalwareHunter

Level 17

omidomi

Level 71

Malware1

Level 76

MalwareHunter

Level 17

Chromatinfish 123

Level 21

Similar threads