The FBI has opened up its previously in-house malware analyzing tool to the public in order to crowdsource more samples for speedier response, according to The Register.
Techworld states that using Malware Investigator, users should “within minutes” receive a report with information the FBI or its partners have on the malicious content with “some fine details on where and how it was being used”.
It will support PDFs, executables, Android APKs and other common file types. Other mobile operating systems are due to follow in time.
Threat Post reports that the portal launched back in August, but is currently just open to law enforcement officers. The news that it was going to be opened up with a public separate portal was revealed by Jonathan Burns, an FBI agent specializing in cybercrime at a talk at the Virus Bulletin conference this week.
Burns explained: “We are essentially in this to collect samples. The more we can provide tools out to law enforcement and industry to fight cybercrime, the more we’re helping the government fight cybercrime”.
He was clear that user privacy would not be compromised by assisting the FBI with samples: “You don’t have to share anything you don’t want to. No one will know who you are unless you want them to,” he added.
Techworld speculates that this approach was necessary in order to get the sheer quantity of malware samples required to be effective, stating that: “Somewhere along the line the Bureau realized that simply creating a facility for fellow law enforcement departments was no longer going to be enough to get rapid intelligence on malware.”
The FBI’s malware analysis dates back to the last century, as The Register notes: “The FBI began manual malware analysis in 1998 and over subsequent years had built systems to help store and examine viruses, Trojans, worms and bots. The process became automated in 2011 with work beginning on Malware Investigator last year”.
