Home > Cyber News > Firmware Malware Scan Added to VirusTotal’s Set of Tools
CYBER NEWS

Firmware Malware Scan Added to VirusTotal’s Set of Tools

by   |  Last Update:  |  0 Comments  

parental -advisory-malware-contentHave you used Google’s free service VirusTotal? When you have doubts about the origin of suspicious files, VirusTotal comes in handy.

The service is about to become even more useful, as its developers have added a new tool to it that analyzes firmware. Firmware malware has indeed turned into a big issue.

Learn More about Firmware-Related Problems:
9271 Vulnerabilities Revealed in A Study on Firmware Images

Firmware Tool within VirusTotal

Firmware is often targeted as it is a very convenient place to hide malicious software. Furthermore, antivirus solutions typically don’t scan the firmware layer, and a malware intrusion can easily remain unnoticed.
That’s not all. Firmware malware can survive reboots and even fresh OS reinstallations.

This is what VirusTotal experts have said in a blogpost:

As of today VirusTotal is characterizing in detail firmware images, legit or malicious. These are a couple of examples of the kind of information that is now generated, please refer to the File Detail tab:
https://www.virustotal.com/en/file/3afb102f0a61f5a71be4658c3d8d3624e4773e36f64fd68a173f931bc38f651e/analysis/ [1] https://www.virustotal.com/en/file/4db9177af43a958686b9367f19df90023acf3189c388497a8a7d1d8cb3f7f0e0/analysis/ [2] https://www.virustotal.com/en/file/57a0c38bf7cf516ee0e870311828dba5069dc6f1b6ad13d1fdff268ed674f823/analysis/

The new firmware scan addition will determine whether firmware images are legitimate or suspicious. The tool is also designed to extract certificates attached to firmware as well as executables. In particular, the cool can extract portable executable files (PEs) inside firmware. The latter can be associated with malware or suspicious behavior.

Thanks to the firmware addition to VirusTotal, users will be able to extract their own firmware and submit to VirusTotal. The tool is very useful not only to users but also to researchers, since uploaded firmware images can be stored in a database. Such databases are quite useful to malware researchers.

Milena Dimitrova

An inspired writer and content manager who has been with SensorsTechForum since the project started. A professional with 10+ years of experience in creating engaging content. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles! Follow Milena @Milenyim

More Posts

Follow Me:
Twitter

Related posts:
  1. 9271 Vulnerabilities Revealed in A Case Study on 1925 Firmware Images Andrei Costin (Eurecom), Apostolis Zarras (Ruhr-University Bochum), Aurelien Francillon (Eurecom)...
  2. 23 Vulnerabilities in UEFI Firmware Used by HP, Lenovo (CVE-2021-41837) At least 23 new security vulnerabilities were discovered in various...
  3. Amazon Best-Selling TP-Link Router Shipped with Vulnerable Firmware A number of security flaws in the default firmware and...
  4. Microsoft Just Found Critical Firmware Vulnerabilities in Netgear Routers A series of security flaws were recently discovered by Microsoft...
  5. Sony CCTV Cameras Prone to Mirai Attacks via Firmware Backdoor Tech giant Sony has just detected and terminated a debug...
  6. CVE-2021-20090 in Routers with Arcadyan Firmware Exploited in the Wild A recently disclosed vulnerability in routers running Arcadyan firmware is...
  7. Vulnerabilities in ThreadX Firmware for Wi-Fi Chips Discovered Several vulnerabilities have been discovered in the firmware of a...
  8. CVE-2017-5891, CVE-2017-5892 Found in Asus RT Wireless Routers ASUS RT wireless router owners, beware! If you haven’t updated...

Leave a Comment

Your email address will not be published. Required fields are marked *

This website uses cookies to improve user experience. By using our website you consent to all cookies in accordance with our Privacy Policy.
I Agree