Reliable source for information on malware behaviour?

Reliable source for information on malware behaviour?

Many moons ago, I seem to remember that it was relatively easy to find information on what was the behaviour of particular pieces of malware (as in, "inserts automatic start-up items in registry, collects passwords from x, y and z locations, connects to IRC at xxx.xxx.com" etc. etc. This would usually be followed by removal instructions (which could be "reinstall OS").

Asked by: Guest | Views: 203

Total answers/comments: 2

Comments display order:

Guest [Entry]

"Any of your major Antivirus vendors will have a database detailing behaviors.

McAfee Avert® Labs Threat Library
TrendMicro's Research and Analysis page
Symantec (Norton) AntiVirus Threat Explorer
Eset (Nod32) Threat Encyclopedia
AVG's Virus Encyclopedia

And F-Secure's that John T has already listed."

Guest [Entry]

So does Symantec. You may think of their software whatever you want, but their virus database (now known as Threat Explorer) has always been a first class resource.