Malware hunt – wildfowl to find


More than twice in the last 24 hours I was asked a non-trivial question:

Where do You find targets for a malware hunt if You're not part of a big team, not a malware researcher and don't own a honeynet?

Actually, if You do want to fight malware, IMHO it is very useful to have a honeypot system or, at least, to be in the security business somehow. It will provide You with a non-stop flow of malicious targets to review. But what if You are not, and You still want to help?

Disclaimer: All links provided lead to lists of malicious or potentially malicious resources. Do not click any link there or run any file without proper knowledge, a prepared environment and trained skills.

Well, here are a few links that aggregate the latest known threats, which You can practice on:

1. Malware Domain List

2. URL Query

3. list of malware

4. VX Vault

5. Site Inspector (by Comodo)


7. Malc0de Database

8. Sucuri Malware Labs

9. Clean-MX Realtime database

10. Sourcefire Vulnerability Research Team Labs

11. Zeus Tracker

12. NovCon Minotaur Analysis System

13. Palevo Tracker

14. SpyEye Tracker

15. Feodo Tracker

16. CyberCrime Tracker (Thanks, Steven!)

17. Malwared C&C Tracker

18. Cuckoo Sandbox online – analysis + download samples.

19. Virustotal – source for MD5 search and huge amount of data per sample.

20. ThreatExpert

21. Malware Blacklist


p.s. Many thanks to DrM for almost tripling the list! 🙂

Note: threats are usually detected by many participants, get blocked and eventually go dead as a result (and this is good!), so if You're looking for a live target, review the recent updates. Search for similar domains, domains hosted on the same IP hosts, etc.

Happy and lucky hunt. Share Your findings, and in case You know other good lists of malware URLs and targets, comment and I will add them to the list.

Update 31.01.2014: Added and fixed some resource URLs.

Added a few new ones – thx to [email protected]µ!nh0

Please stay safe!

