• Home
  • News
  • VirusTotal can now detect dubious firmware

VirusTotal can now detect dubious firmware

The popular VirusTotal threat detection service has just added a new tool which allows its users to scan their firmware for potential threats. This new feature is capable of identifying malware hidden within the firmware's code and, once the scan is completed, will label the entry as either legitimate or suspicious, thus helping you make an informed decision. What's even cooler for those actually interested in security is that the blog entry that announced this change also shows you how to extract your own firmware (the one already installed) and test it with VirusTotal.

For those of you who aren't familiar with the topic, VirusTotal is an online service created by Google that can scan any file for potential threats. The tool contains a huge database of viruses, Trojans, adware, spyware, root kits and other kinds of malware, so in my experience, there are many times when it's more effective than the anti-virus application that you may have installed on your PC. The main downsides for using this tool is that you need to upload the file that you want to scan (so you need a decent Internet connection) and the upload size is limited. Furthermore, there are times when you get false positives, but more than 90% of the time the service is correct in its diagnosis.

In case you don't already know this, firmware is a low-level code which makes the connection between a device and operating system (somewhat similar to a driver). Modern hacking techniques include firmware infections as they are almost impossible to detect (most anti-virus tools don't have the technology to scan for this) and equally hard to remove. Malware that is embedded in the firmware will remain there even after you format your hard-disk and reinstall the operating system, while security tools are simply unable to get it out.

If the security of your devices is a concern of yours, you might also want to find out how to keep your browser safe from hackers, check out how to know if your router has been infected or learn how to tell if your PC is part of a botnet.

Comments