VirusTotal can now also check firmware images for malware
Google’s online virus scanner VirusTotal can now also check firmware images for malware. With this, the company is responding to the growing number of firmware infections, which are difficult to detect and remove.
The service can perform a number of functions, including reading and checking certificates from firmware images and executable files. It can also analyze the individual UEFI executable files contained in a submitted image to check whether an infection is present. VirusTotal also allows users to view tabs containing file details and additional information.
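To make the idea of pulling individual UEFI executables out of an image concrete, here is an added example (not VirusTotal's code and not from the original article) that carves PE files with an EFI subsystem out of a firmware dump and hashes each one. It assumes the modules are stored uncompressed in PE format, which real firmware volumes often are not; the function names and the sample dump are constructed for illustration.

```python
import hashlib
import re
import struct

# PE optional-header Subsystem values reserved for EFI images (PE/COFF spec).
EFI_SUBSYSTEMS = {10: "EFI application", 11: "EFI boot service driver",
                  12: "EFI runtime driver", 13: "EFI ROM"}

def parse_pe(blob, base):
    """Describe the EFI PE image starting at `base`, or return None."""
    if base + 0x40 > len(blob):
        return None
    pe = base + struct.unpack_from("<I", blob, base + 0x3C)[0]   # e_lfanew
    opt = pe + 24                          # PE signature (4) + COFF header (20)
    if opt + 70 > len(blob) or blob[pe:pe + 4] != b"PE\0\0":
        return None
    machine, nsect, opt_size = struct.unpack_from("<HH12xH", blob, pe + 4)
    magic, size, subsystem = struct.unpack_from("<H58xI4xH", blob, opt)  # +0, +60, +68
    if magic not in (0x10B, 0x20B) or subsystem not in EFI_SUBSYSTEMS:
        return None
    sect = opt + opt_size                  # section table follows optional header
    if sect + 40 * nsect > len(blob):
        return None
    for i in range(nsect):                 # image ends with its last raw section
        raw_size, raw_ptr = struct.unpack_from("<II", blob, sect + 40 * i + 16)
        size = max(size, raw_ptr + raw_size)
    if base + size > len(blob):
        return None
    return {"offset": base, "size": size, "machine": hex(machine),
            "type": EFI_SUBSYSTEMS[subsystem],
            "sha256": hashlib.sha256(blob[base:base + size]).hexdigest()}

def carve_efi_images(blob):
    """Find every uncompressed EFI PE image embedded in a firmware dump."""
    hits = (parse_pe(blob, m.start()) for m in re.finditer(b"MZ", blob))
    return [h for h in hits if h]

def build_sample_pe(subsystem, body=b"\x90" * 32):
    """Constructed minimal PE32+ file with one section (demo input only)."""
    dos = b"MZ" + bytes(0x3A) + struct.pack("<I", 0x40)          # e_lfanew = 0x40
    coff = struct.pack("<HHIIIHH", 0x8664, 1, 0, 0, 0, 0xF0, 0x2022)
    opt = struct.pack("<H58xI4xH170x", 0x20B, 0x200, subsystem)
    sect = struct.pack("<8sIIII16x", b".text", len(body), 0x1000, len(body), 0x200)
    hdr = dos + b"PE\0\0" + coff + opt + sect
    return hdr.ljust(0x200, b"\0") + body

# Constructed dump: padding, an EFI driver, a stray "MZ", a non-EFI PE (subsystem 3).
SAMPLE_DUMP = (b"\xff" * 64 + build_sample_pe(11) + b"MZ" + b"\xff" * 100
               + build_sample_pe(3) + b"\xff" * 16)
```

Calling carve_efi_images(SAMPLE_DUMP) returns a single entry for the boot service driver at offset 64; the stray "MZ" bytes and the non-EFI executable are rejected by the header checks.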
According to the company, the new feature is necessary because firmware malware is no longer deployed solely by the NSA. It refers to the BIOS rootkit that Lenovo built into certain laptop models and to Hacking Team’s UEFI rootkit. VirusTotal’s post also offers users some tips on how to dump the BIOS into a file that can be uploaded to the service.
Malware embedded in device firmware is difficult to detect and remove. For example, the BIOS loads into memory before the operating system starts, and it remains intact even when a system is reinstalled. Also, according to VirusTotal, most anti-malware products do not scan at the BIOS level, making detection difficult. VirusTotal was purchased by Google in 2012 and uses 55 antivirus products and 61 scanning engines for its scans.