Virustotal uploader 20157/10/2023 It is, truly, a game of cat-and-mouse being played out on public services. This was dramatically illustrated in March of this year, when two zero-day vulnerabilities affecting Adobe and Microsoft were discovered and pre-emptively patched as a result of a ‘proof-of-concept’ (PoC) being uploaded to VirusTotal. With that in mind, researchers are keen to search for and “retrohunt” undetected or poorly detected submissions occurring on these sites, conscious of the fact that they may well be able to update their own detection mechanisms to catch emerging malware before it’s ever seen in the wild. In a study published in 2015, it was found that over 1500 malware samples were pre-released on VirusTotal and other online virtual sandboxes before becoming part of public malware campaigns. While it may seem counterintuitive for malware developers to give advance warning of their products to anti-malware services, it is one way for such developers to test if their creations will avoid existing detection algorithms, as well as find out how their software’s anti-detection methods function in real-life. Surprisingly, it’s not unknown even for threat actors themselves to make use of services like VirusTotal by uploading their own malware to see whether it is detected. One of the great features of this tool is that anyone can upload anything and immediately check to see if it’s a recognized threat. Both researchers and safety-conscious computer users rely on online anti-malware sandbox service VirusTotal in order to keep up with the latest threats, and to check whether suspicious samples they discover in the wild are already known offenders.
0 Comments
Leave a Reply. |