Crossposted using Lemmit.

Original post from /r/cybersecurity by /u/yournovicetester on 2023-07-04 01:42:39+00:00.

Hi

I am curious to know if researchers, in order to conduct their analslysis, gets a copy of a malware before they publish the findings? If so, where do they get it?

For example, I’m reading a report from Dragos about Pipedream but how do they know if they didnt do it themselves?

Can a newbie person obtain a copy of a malware and do analysis as well or is it too risky?

Thanks