Monday, July 24, 2006

Mwsearch - Finding Malware with Google






In early July, Websense released information on a technique they developed to acquire malware samples using Google. Websense did not want to release details of the technique, fearing that it would be used for evil. However, in today’s world, anything and everything can be used for good or evil.

It was only a matter of time, before blackhats coded a tool and started to collected malware. So why shouldn't the good guy have the same tools? Anti-spyware and anti-virus companies could use this technique to refine signatures or fill in the detection gaps.

Once an idea is released, it is only a matter of transforming it to code...this is exactly what HD Moore did with Mwsearch.

Check out HD's recent "Internet Drive-By Shootings" blog, to understand the type of information that can found with this new tool. It should help the good guys find out more about what the bad guys are doing....

Go, use, detect and clean the infected....

No comments:

Post a Comment