Malware Honeypot Projects Merge

Looking to streamline the collection of malware samples, two of the biggest honeypot projects—mwcollect and nepenthes—have merged operations.

The two projects, which passively trap viruses, spyware and other forms of malicious software by emulating known vulnerabilities, will combine operations to develop a single malware collection tool, according to an announcement my mwcollect head developer Georg Wicherski.

The merger comes after a year of concurrent development that caused a lot of overlap and shared work, Wicherski said.

“Mwcollect.org will become a top-level community covering malware collection efforts, [and] nepenthes will become the official software used for malware collection and be part of mwcollect.org,” he said.

A new mwcollect.org meta-portal will be created to host information related to malware collection.

Instead of having two tools, mwcollectd will be discontinued after the current version 3.0.4, and nepenthes will be the official successor, Wicherski added.

He said the mwcollect Alliance will continue to exist with existing mwcollect v3.0.3 sensor and nepenthes sensors later on.

“The benefit to the end user is a much more powerful software due to joined forces, [and] the benefit to the developers is that we need to spend less time on developing due to shared work,” Wicherski added.

/zimages/3/28571.gifRead morehereabout honeypot projects.

Existing nepenthes users wont notice any changes, but researchers using the mwcollectd tool are urged to make the switch to nepenthes.

Going forward, Wicherski said the project pages will be merged under one roof ahead of a new nepenthes version.

/zimages/3/28571.gifCheck out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEK.com Security Center Editor Larry Seltzers Weblog.