now browsing by tag
The FBI’s Malware Investigator portal will soon be available to security researchers, academics and businesses.
As reported by Threatpost, the US law enforcement agency’s tool is akin to systems used by cybersecurity companies to upload suspicious files. Once a file is uploaded, the system pushes through antimalware engines to pull out information on the file — whether it is malicious, what the malware does, and whom it effects.
The Malware Investigator analyses threats through sandboxing, file modification, section hashing, correlation against other submissions and the FBI’s own entries concerning viruses and malware reports. Windows files and common file types can currently be analysed, but this will expand to include other file types in the near future.
The FBI says that businesses will find this tool particularly useful, stating on the portal’s website:
“Public and private sector networks are constantly dealing with malware aimed at disrupting operations, stealing information, and/or interfering with daily business. IT professionals must react nimbly to potential issues, but can only make well informed decisions when they can quickly understand the potential threat to their systems.”
Speaking at the Virus Bulletin conference in Seattle, the FBI’s Jonathan Burns said API access has been granted for businesses that wish to integrate the engine into their platforms, and the personal details of submitters remain undisclosed and private.
While the standard portal is currently available to law enforcement, another portal for researchers, businesses and academics will soon be available.