News Insights: US Cyber Command starts uploading foreign APT malware to VirusTotal | ZDNet

USCYBERCOM said it plans to regularly upload “unclassified malware samples” to VirusTotal. US Cyber Command (USCYBERCOM) will share foreign APT malware discovered on DOD networks with the broader cybersecurity community through a VirusTotal account.

Executives from AlienVault offer insights:

“The US Cyber Command has uploaded two malware samples relating to APT28, the Russian group behind the US election hacking. So far, the quantity has been small, but the quality is high. Hopefully, these additions from the US Cyber Command will be another useful source of malware which will help the industry to defend against it. However, downloading files requires paid access to VirusTotal Enterprise, so this should be useful for security vendors, but most “hobby” malware analysts won’t have access to the files. You can view the files at https://www.virustotal.com/en/user/CYBERCOM_Malware_Alert/”

-Chris Doman, security researcher

“This is a fantastic new initiative by CNMF. The more threat data the security industry can share amongst itself, the better it can make its defenses. By sharing threat data and samples, security teams can proactively look out for emerging threats and zero days, giving attackers smaller windows of opportunity to conduct successful attacks. It can also be used for threat hunting and to seek out any malware that may have already infiltrated an enterprise. We hope to see more governments and companies share data openly to further the security community’s efforts.”

-Javvad Malik, security advocate