A Google Site Meant to Protect You Is Helping Hackers Attack You

Discussion in 'malware problems & news' started by Dragon1952, Sep 3, 2014.

  1. Dragon1952

    Dragon1952 Registered Member

    Sep 16, 2012
    Hollow Earth - Telos
    It’s long been suspected that hackers and nation-state spies are using Google’s antivirus site to test their tools before unleashing them on victims. Now Brandon Dixon, an independent security researcher, has caught them in the act, tracking several high-profile hacking groups—including, surprisingly, two well-known nation-state teams—as they used VirusTotal to hone their code and develop their tradecraft....http://www.wired.com/2014/09/how-hackers-use-virustotal/
  2. Veeshush

    Veeshush Registered Member

    Mar 16, 2014
    They already have a few knockoff VT scanning services that don't even share the results to AVs (basically, they're made for malware creators to test their samples or crypting methods). I'm willing to bet the NSA level stuff is tested in house on their own multiple AV scanning system.

    Well, I'm glad my inkling to submit files over Tor was valid. But that's another thing I'm surprised they didn't apparently do.
  3. Rasheed187

    Rasheed187 Registered Member

    Jul 10, 2004
    The Netherlands
    This isn´t really a surprise to me, but it does make you think about how reliable VT exactly is. On the other hand, if you download apps from trusted sites/vendors the chance is quite small that you will be running a malicious app in the first place. :)
  4. guest

    guest Guest

    Well, I guess the team was not fully sponsored by the state after all. Either that, or the state itself is playing cheapskate and didn't bother to create their own testing environment. =P