Firmware Malware Scan Added to VirusTotal’s Set of Tools

Have you used Google’s free service VirusTotal? When you have doubts about the origin of suspicious files, VirusTotal comes in handy.

The service is about to become even more useful, as its developers have added a new tool to it that analyzes firmware. Firmware malware has indeed turned into a big issue.

Firmware Tool within VirusTotal

Firmware is often targeted as it is a very convenient place to hide malicious software. Furthermore, antivirus solutions typically don’t scan the firmware layer, and a malware intrusion can easily remain unnoticed.
That’s not all. Firmware malware can survive reboots and even fresh OS reinstallations.

This is what VirusTotal experts have said in a blog post:

As of today VirusTotal is characterizing in detail firmware images, legit or malicious. These are a couple of examples of the kind of information that is now generated, please refer to the File Detail tab:
https://www.virustotal.com/en/file/3afb102f0a61f5a71be4658c3d8d3624e4773e36f64fd68a173f931bc38f651e/analysis/
https://www.virustotal.com/en/file/4db9177af43a958686b9367f19df90023acf3189c388497a8a7d1d8cb3f7f0e0/analysis/
https://www.virustotal.com/en/file/57a0c38bf7cf516ee0e870311828dba5069dc6f1b6ad13d1fdff268ed674f823/analysis/

The new firmware scan addition will determine whether firmware images are legitimate or suspicious. The tool is also designed to extract certificates attached to firmware as well as executables. In particular, the tool can extract portable executable files (PEs) inside firmware. The latter can be associated with malware or suspicious behavior.
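How PE files can be located inside a raw firmware image, as an added example that is not VirusTotal's implementation or code from the original article: it scans for DOS/PE headers, sizes each file from its section table and hashes it so the result can be looked up. The function names and the sample image are constructed for illustration.

```python
import hashlib
import struct

def pe_size(image: bytes, base: int):
    """Return the on-disk size of a PE starting at base, or None if not a PE."""
    if base + 0x40 > len(image):
        return None
    (e_lfanew,) = struct.unpack_from("<I", image, base + 0x3C)  # DOS header field
    pe = base + e_lfanew
    if not 0x40 <= e_lfanew <= 0x1000 or pe + 24 > len(image):
        return None
    if image[pe:pe + 4] != b"PE\0\0":
        return None  # a stray "MZ" byte pair, not a real header
    (nsect,) = struct.unpack_from("<H", image, pe + 6)
    (opt_size,) = struct.unpack_from("<H", image, pe + 20)
    table = pe + 24 + opt_size  # section table follows the optional header
    size = table + 40 * nsect - base
    if base + size > len(image):
        return None
    for i in range(nsect):
        # SizeOfRawData and PointerToRawData sit 16 bytes into each section header
        raw_size, raw_ptr = struct.unpack_from("<II", image, table + 40 * i + 16)
        size = max(size, raw_ptr + raw_size)
    return size if base + size <= len(image) else None

def carve_pes(image: bytes):
    """Return (offset, size, sha256) for every PE found in a firmware image."""
    found = []
    pos = image.find(b"MZ")
    while pos != -1:
        size = pe_size(image, pos)
        if size:
            digest = hashlib.sha256(image[pos:pos + size]).hexdigest()
            found.append((pos, size, digest))
        pos = image.find(b"MZ", pos + 1)
    return found

# Constructed sample: a minimal one-section PE header wrapped in 0xFF padding.
SAMPLE_PE = (
    b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x40) + b"PE\0\0"
    + struct.pack("<HHIIIHH", 0x8664, 1, 0, 0, 0, 16, 0) + b"\0" * 16
    + struct.pack("<8sIIIIIIHHI", b".text", 16, 0x1000, 16, 0x90, 0, 0, 0, 0, 0)
    + b"\xCC" * 16
)
SAMPLE_IMAGE = b"\xFF" * 512 + SAMPLE_PE + b"\xFF" * 256 + b"MZ" + b"\xFF" * 128

if __name__ == "__main__":
    for offset, size, digest in carve_pes(SAMPLE_IMAGE):
        print(f"PE at 0x{offset:x}, {size} bytes, sha256={digest}")
```

Only uncompressed PEs are found this way; compressed firmware sections have to be unpacked before scanning.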

Thanks to the firmware addition to VirusTotal, users will be able to extract their own firmware and submit it to VirusTotal. The tool is very useful not only to users but also to researchers, since uploaded firmware images can be stored in a database. Such databases are quite useful to malware researchers.

Milena Dimitrova
