Skip to main content

Where to submit malware samples

Some of you might want to know where to submit virus/malware samples to security companies. This blog post might help.

First, each vendor has their own submission process. For example, Symantec has this page (opens in new tab), McAfee has this page (opens in new tab), Sunbelt has this page (opens in new tab)— and so on. However, email addresses are available — you can package your malware sample into a zip or RAR file, password protect it (common practice is to use the password ”infected”) and send off the sample. A full list of submission addresses is here (opens in new tab).

Now, if you’re feeling lazy (or just plain too busy), you can always submit a sample to Virustotal (opens in new tab). All the vendors that are part of VirusTotal receive samples, so it’s an easy way to get a sample to a lots of companies. I’m not particularly sure if it’s the fastest way to get samples out there to the security companies, but the samples do ultimately get to all of us. (Clarification -- VirusTotal gets us the samples immediately. But it's up to the vendors to get these samples into their threat signatures. For some, this takes a bit of time.)

Finally, feel free to submit the malware to our sandbox (opens in new tab). It gives us the sample, but also, gives you a nice report as to what the malware is actually doing.

And, of course, please don’t mess with malware samples unless you really know what you’re doing. Even expert security researchers have been known to infect themselves by accident on occasion.

Alex is a technology CEO, with leadership, operating partner, investor, and board member roles at security firms including AutoLoop, Borland, Quarterdeck (now Symantec and Cisco WebEx), GFI/TeamViewer, Sunbelt Software (now ThreatTrack Security), BlueStripe Software, StopBadware, Knowbe4, Malwarebytes, and Runaware Holding AB. When CEO of Sunbelt he ran a security blog, and he still writes on security.