Open Source Malware Search Engine

← Back to Stories (view on slashdot.org)

Open Source Malware Search Engine

Posted by ryuzaki0 on Monday July 17, 2006 @11:06PM from the in-case-your-computer-isn't-infected-already dept.

chr0.ot writes "Metasploit creator HD Moore has released an open-source search engine that finds live malware samples through Google queries. From the article: 'The new Malware Search project provides a Web interface that allows anyone to enter the name of a known virus or Trojan and find Google results for Web sites hosting malicious executables.' The tool then searches for actual malware signatures and uses the signature output from ClamAV to find the name of the malware. This is then used in conjunction with a PE signature matching method to form a Google query. Afterwards the malware can then be downloaded directly from Google."

22 of 123 comments (clear)

Min score:

Reason:

Sort:

So.. by michaelhood · 2006-07-17 23:14 · Score: 5, Funny

Let me get this straight.. now Google is good for porn AND viruses?

How do the other engines stay in business?!?
1. Re:So.. by Anonymous Coward · 2006-07-18 01:47 · Score: 5, Funny
  
  ..now Google is good for porn AND viruses?
  
  So, basically, the Internet is exactly like real sex now, only easier to get.
2. Re:So.. by cp.tar · 2006-07-18 03:35 · Score: 2, Funny
  
  Dunno... I still have to pay for the Internet connection.
  
  --
  Ignore this signature. By order.
Microsoft Version! by LiquidCoooled · 2006-07-17 23:17 · Score: 3, Funny

Clippy:
It looks like your searching for viruses,
well your in the right place.

ps, anyone else notice that slashdot is like waiting for a bus, you wait for hours with no updates then 4 come along all at once.
Hope the problems have been fixed now.

--
liqbase :: faster than paper
1. Re:Microsoft Version! by mingot · 2006-07-18 00:22 · Score: 1, Funny
  
  Even a dumb ass like clippy knows the difference between "your" and "you're".
About the bus metaphor by Anonymous Coward · 2006-07-17 23:25 · Score: 1, Funny

you wait for hours with no updates then 4 come along all at once

Only if you mean the same one comes along four times.
First it was a dupe... by BumpyCarrot · 2006-07-17 23:29 · Score: 1, Funny

Now it's a tripe.

--
Do you see what I did there?
Re:Finding malware with search engine? by The+Ultimate+Fartkno · 2006-07-17 23:41 · Score: 3, Funny

I bet the editor of this story lives in Belleville. /obscure?
So I am going to write a virus by The+Ape+With+No+Name · 2006-07-17 23:42 · Score: 2, Funny

that snags a random payload off this site! Thanks Metasploit!

BTW, Dupe, Dupity Dupe, Dupe.

--
Comparing it to Windows will be a moot point, since El Dorado is going to have a 40% larger code base than XP.
Thank God! by skinnygmg · 2006-07-18 00:14 · Score: 3, Funny

I just bought a new PC, and i have no viruses yet.
1. Re:Thank God! by Anonymous Coward · 2006-07-18 00:50 · Score: 1, Funny
  
  He's right. I just opened a shell on his machine, and ran a virus scanner. He's clean.
I wonder... by Anonymous Coward · 2006-07-18 00:17 · Score: 3, Funny

what MS has to say about this.
This is outright competition for their closed source malware search engine IE.
I use Windows by Cro+Magnon · 2006-07-18 00:20 · Score: 5, Funny

I don't need a search engine to find malware.

--
Slow down, cowboy! It has been 4 hours since you last posted. You must wait another few hours.
1. Re:I use Windows by houghi · 2006-07-18 00:48 · Score: 2, Funny
  
  Indeed. In Soviet America malware searches you.
  
  --
  Don't fight for your country, if your country does not fight for you.
2. Re:I use Windows by Opportunist · 2006-07-18 01:09 · Score: 3, Funny
  
  That's right, Windows provides this service to you, free of extra charge, it's bundled into the system and can't be removed easily, despite some claims by other malware writers who claim they can't make business because of that!
  
  Just click start - search...
  
  --
  We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
Re:Since we're off on a tangent anyway by Filip22012005 · 2006-07-18 01:00 · Score: 4, Funny

I've got in the habit now when reading slashdot of if I can't understand a post, reading it as if i was speaking it (but silently of course).

I'm trying to read this sentence as if you were speaking it. And you sound sort of silly.

--
When the policeman of the tie, rule you violate, hello punishment of the kitty?
Re:Since we're off on a tangent anyway by rowama · 2006-07-18 01:12 · Score: 2, Funny

I've got in the habit now when reading slashdot of if I can't understand a post, reading it as if i was speaking it.

Didja read or speak this before posting? Improper verb usage, mangled propositional phrase, missing punctuation.

FTR, I'm not a grammar nazi, but you, by claiming such, opened you'reself up for a little good-natured criticism.

Regards.
Careful...Skynet...Matrix...DupeDot... by The_REAL_DZA · 2006-07-18 01:15 · Score: 1, Funny

...The tool then searches for appropriate responses and posts a response to the new article on Slashdot proclaiming it to be a dupe...

Sounds like this thing's just a few modules short of obsoletizing us all; give this thing a "beowulf cluster" module and a "in Soviet Russia" module and it'd be pretty well self-contained. Any day now it'll be welcoming it's overlord self...

--

This space intentionally left (almost) blank.
Re:Since we're off on a tangent anyway by rowama · 2006-07-18 01:36 · Score: 2, Funny

Your being too kind.

Since I don't normally like to engage in the karma-damaging activity of trolling, I was hoping to get some bang-for-the-buck out of my post. Thus, I left two juicy pieces of bait (i.e., grammatical errors) in my post, and promptly started meta-moderating my heart out to counter the impending down-mod.

BTW, "my particular dialect" must mean english is an auxiliary language for you. Kudos on that and never apologize for the occasional mess-up. I am not among those who are multilingual, so I envy you.

Regards.
Re:Finding malware with search engine? by Anonymous Coward · 2006-07-18 01:57 · Score: 2, Funny

I wonder if there's any way to use Google to find dup... triplicates.
Re:Since we're off on a tangent anyway by mooingyak · 2006-07-18 01:59 · Score: 2, Funny

Your being too kind.

Usually it's not worth the effort, but given this thread I just had too...

That should be:

You're being too kind.

--
William of Ockham had no beard. The most likely explanation is that it was chewed off by squirrels every morning.
You win! by rowama · 2006-07-18 05:24 · Score: 2, Funny

Yep, it is. Congrats, you win the prize: a PS3 running Vista. This offer expires in 30 days.