The U.S. Cyber Command (USCYBERCOM) is providing unclassified malware samples to VirusTotal intelligence service with the intent of sharing them with cybersecurity industry.
The USCYBERCOM’s Cyber National Mission Force (CNMF) is going to share the unclassified malware samples on the CYBERCOM_Malware_Alert VirusTotal account.
Researchers interested in the sample can follow the USCYBERCOM malware reporting handle on Twitter.
“Today, the Cyber National Mission Force, a unit subordinate to U.S. Cyber Command, posted its first malware sample to the website VirusTotal. Recognizing the value of collaboration with the public sector, the CNMF has initiated an effort to share unclassified malware samples it has discovered that it believes will have the greatest impact on improving global cybersecurity.” USCYBERCOM stated.
“Recognizing the value of collaboration with the public sector, the CNMF has initiated an effort to share unclassified malware samples it has discovered that it believes will have the greatest impact on improving global cybersecurity.”
CNMF was launched to improve information sharing on the cyber threats and allow early detection of the activities of malicious cyber actors.
This Twitter account was created solely to provide alerts to the cybersecurity community that #CNMF has posted new malware to @virustotal. A log of our uploads can be found here: https://t.co/fSgk1xpG8t
— USCYBERCOM Malware Alert (@CNMF_VirusAlert) November 5, 2018
The first samples shared by CNMF on VirusTotal belong to the Lojack (LoJax) family, in May several LoJack agents were found to be connecting to servers that are believed to be controlled by the notorious Russia-linked Fancy Bear APT group.
The samples recently shared appears to be associated with the UEFI rootkit discovered in September by the malware researchers from ESET.
Personally, I believe that this initiative of really important to rapidly profile threat actors and mitigate the spreading of malicious codes.
(Security Affairs – USCYBERCOM, malware)