VirusTotal will now Analyse malicious Firmware too!

Google has added a new tool in “VirusTotal”, which is capable to analyse suspicious firmware. Firmware is a code of low level, which act as a bridge between operating system and hardware during boot process of computer system. Most advanced hackers are using firmware as a place to spread malware, because they know it is the most secure place to hide. Even NSA (National Security Agency) of United States is using this technique.

One of the security engineer from VirusTotal said,” It is not possible for AV tools to scan this part, because all these processes will start automatically when you will turn on your computer system. If there is a malware which is hidden inside the firmware then it will not be easy for anyone to remove it. This type of malwares can survive several rebooting processes of an Operating System.

Now VirusTotal is using a new tool using which security researchers and malware analysts can upload a malware designed by them. This malware will indicate them if any suspicious activity will occour during the startup process. It will also indicate the security team about the technical information releasing process during startup. This tool will label the images of firmware. It could be suspicious or legitimate. This tool will scan all the .exe files which are available in it. All the certificates attached with the firmware will be scanned by this new tool.

Hackers can also use PEs (Portable Executables) as a malware inside any firmware, therefore this tool is also capable to scan these Portable Executables. VirusTotal will got a complete report of this scan individually and users can see this report when VirusTotal will publish it. From that report users can see what could be happened with their BIOS.

By using this users will be capable to extract their firmware. They can submit the report to VirusTotal. After that VirusTotal will create a database of all these reports, which will help the researchers to scan bad firmware.

Source:cio.com