Currently Malpedia requires a sample to record a new malware, this limits its ability to be a complete source for rapid identification and actionable context when investigating malware (by missing some families, or requiring a multistep process); Additionally, this limits the ability to contribute new families only to individuals with an access to the requested samples.
As per #41 the current Malpedia design requires each family to have at least a single reference sample. One possible way to handle cases where samples are not publicly available is to allow referencing a VirusTotal result of the related sample instead of uploading a sample.
This approach has a few advantages (while minimizing the disadvantages that might stem from allowing families without a sample - such as creating possible ambiguities or duplicates due to different vendor naming) -
- Families remain grounded in specific samples, avoiding ambiguities.
- Expands the number of contributors able to contribute new families.
- Improves Malpedia coverage of malware families - thus furthering its goal of being a source for rapid identification and actionable context.
Currently Malpedia requires a sample to record a new malware, this limits its ability to be a complete source for rapid identification and actionable context when investigating malware (by missing some families, or requiring a multistep process); Additionally, this limits the ability to contribute new families only to individuals with an access to the requested samples.
As per #41 the current Malpedia design requires each family to have at least a single reference sample. One possible way to handle cases where samples are not publicly available is to allow referencing a VirusTotal result of the related sample instead of uploading a sample.
This approach has a few advantages (while minimizing the disadvantages that might stem from allowing families without a sample - such as creating possible ambiguities or duplicates due to different vendor naming) -