U.S. Cyber Command Shares Malware via VirusTotal

This post was originally published on this site

The U.S. Cyber Command (USCYBERCOM) this week started sharing malware samples with the cybersecurity industry via Chronicle’s VirusTotal intelligence service.

The project is run by USCYBERCOM’s Cyber National Mission Force (CNMF), which will post unclassified malware samples on the CYBERCOM_Malware_Alert account on VirusTotal.

“Recognizing the value of collaboration with the public sector, the CNMF has initiated an effort to share unclassified malware samples it has discovered that it believes will have the greatest impact on improving global cybersecurity,” USCYBERCOM stated.

CNMF claims that its goal is to “to help prevent harm by malicious cyber actors by sharing with the global cybersecurity community.”

Members of the cybersecurity industry can keep track of each new malware sample shared by CNMF through a dedicated Twitter account named USCYBERCOM Malware Alert (@CNMF_VirusAlert). The Twitter account currently has over 3,000 followers and the VirusTotal account is already trusted by more than 50 users.

The first malware samples shared by CNMF on VirusTotal are part of the Lojack (LoJax) family, which researchers observed recently in attacks apparently carried out by the Russia-linked cyber espionage group tracked as Sofacy, APT28, Fancy Bear, Pawn Storm, Sednit and Strontium.

The samples, contained in files named rpcnetp.exe and rpcnetp.dll, seem to be new and related to the UEFI rootkit analyzed by ESET after being used by the Russian threat actor to target government organizations in Central and Eastern Europe.

USCYBERCOM shares malware samples on VirusTotal

USCYBERCOM shares malware samples on VirusTotal

Related: US Military Conducts Cyber Attacks on IS

Related: U.S. Cyber Command Launched DDoS Attack Against North Korea

Related: Chronicle Unveils VirusTotal Enterprise

view counter

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Previous Columns by Eduard Kovacs:

Tags: