Bot claims to crack malware in minutes
Security software company PC Tools claims to have developed an automated bot, called Threat Expert, which enables content sharing businesses to analyse and decode online threats in a matter of minutes. Users of the automated service can send suspected threats to PC Tools through a web portal where Threat Expert will provide a detailed report which can then be used to create the patch to eliminate these threats.
"We are seeing an explosion of new threats and variations that major anti-spyware and antivirus companies cannot handle," said Simon Clausen, CEO of PC Tools. "The time it takes to manually decode these dangerous threats means consumers and businesses are vulnerable until threats are decoded and fixes are made."
Threat Expert claims to be able to detect behaviour ranging from spyware to keylogging, rootkits, malware, adware, dialers, downloaders, worms and viruses.
Clausen said that new threats identified by an organisation traditionally require a thorough evaluation to determine whether they pose a real threat to users.
Once a threat is identified, it can take hours, or even days, to reverse engineer and eventually produce a report and finally a solution. Threat Expert claims to offer a threat analysis in a matter of minutes.
"We radically save time cracking complex spyware and virus codes by automating this detection process and giving real-time threat information to businesses and security researchers," said Clausen.
Is this really true?
This news is so cool (and difficult to believe) that it required more digging. Here is the link to PC Tools' Threat Expert page.
Threat Expert produces technically detailed reports that match or exceed industry standards. In less than 5 minutes Threat Expert's server can process a single threat and generate up to 1,000 detailed threat descriptions per server, per day. Threat Expert can scale itself to match the level of threats by simply adding new servers.
You can view some sample reports over here - Sample Reports
From a first look at the reports, it seems that this tool will not be of much use if you send 0-day malware to it. PC Tools also says that...
While Threat Expert can respond to most new threats, it is possible that some threats can not be decoded or that they are so complex or so rapidly changing that it is impossible to pinpoint the exact threat.
I am sure that if this tool gets famous, someone will get his/her hands on "Threat-Expert" and code evasion steps into malware ;-)
Nevertheless, this tool is slick and would definitely cut time when you are researching unknown malware.