Monday, November 4, 2024
Homecyber securityVirusTotal's Crowdsourced AI Initiative to Analyze Macros With Word & Excel Files

VirusTotal’s Crowdsourced AI Initiative to Analyze Macros With Word & Excel Files

Published on

Malware protection

VirusTotal has announced a major change to its Crowdsourced AI project: it has added a new AI model that can examine strange macros in Microsoft Office files.

This model, created by Dr. Ran Dubin from Ariel University and the ByteDefend Cyber Lab, is meant to help the platform find and analyze possible threats in Word, Excel, and PowerPoint files.

VirusTotal’s Crowdsourced AI project uses several AI models and community contributions to improve cyber defense tactics.

- Advertisement - SIEM as a Service

Even though AI-based models aren’t perfect, they are very helpful because they work with other technologies to find and analyze new dangers.

The addition of ByteDefend’s model improves VirusTotal’s Code Insight features. These features already use up to three separate AI systems for Microsoft Office files.

Free Webinar on Live API Attack Simulation: Book Your Seat | Start protecting your APIs from hackers

Consensus on Malicious Files

In a recent case, all three AI models agreed that an XLS file being studied was malicious, though they provided different amounts of information.

This agreement shows how useful it is to use more than one AI engine to check for possible threats.

Malicious XLS file
Malicious XLS file

Another time, ByteDefend marked a DOC file as harmful, but Hispasec’s system thought it was safe.

These differences of opinion show how subjective danger analysis is and how important context is.

Even though the models come to different conclusions, they explain in detail how the macros work, which gives human researchers the information they need to make intelligent choices.

ByteDefend flags a DOC file as malicious
ByteDefend flags a DOC file as malicious

Enhanced Search Capabilities

Users can view AI report results through VT Intelligence.

The “bytedefend_ai_analysis:” modifier lets users search the AI’s output, and the “bytedefend_ai_verdict:” modifier lets users search by verdict.

ByteDefend reports where "telegram" is mentioned and the verdict is "malicious"
ByteDefend reports where “telegram” is mentioned and the verdict is “malicious”

 For instance, the query bytedefend_ai_analysis: telegram and bytedefend_ai_verdict:

malicious can be used to look for ByteDefend reports that mention “telegram” and have a malicious judgment.

The ByteDefend Cyber Lab and Dr. Ran Dubin deserve praise for their important work, which VirusTotal appreciates.

The platform plans to grow its Crowdsourced AI project by letting more people with a wide range of skills and knowledge contribute.

The goal is to create a strong defense plan that everyone can work on to deal with the constantly changing online threats.

VirusTotal wants other people in the security field to join this cause.

By adding ByteDefend’s AI model, VirusTotal keeps improving its ability to look for and analyze threats in Microsoft Office files.

This makes it even more of a star in cybersecurity innovation.

On-Demand Webinar to Secure the Top 3 SME Attack Vectors: Watch for Free

Divya
Divya
Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.

Latest articles

LightSpy iOS Malware Enhanced with 28 New Destructive Plugins

The LightSpy threat actor exploited publicly available vulnerabilities and jailbreak kits to compromise iOS...

ATPC Cyber Forum to Focus on Next Generation Cybersecurity and Artificial Intelligence Issues

White House National Cyber Director, CEOs, Key Financial Services Companies, Congressional and Executive Branch...

New PySilon RAT Abusing Discord Platform to Maintain Persistence

Cybersecurity experts have identified a new Remote Access Trojan (RAT) named PySilon. This Trojan...

Konni APT Hackers Attacking Organizations with New Spear-Phishing Tactics

The notorious Konni Advanced Persistent Threat (APT) group has intensified its cyber assault on...

Free Webinar

Protect Websites & APIs from Malware Attack

Malware targeting customer-facing websites and API applications poses significant risks, including compliance violations, defacements, and even blacklisting.

Join us for an insightful webinar featuring Vivek Gopalan, VP of Products at Indusface, as he shares effective strategies for safeguarding websites and APIs against malware.

Discussion points

Scan DOM, internal links, and JavaScript libraries for hidden malware.
Detect website defacements in real time.
Protect your brand by monitoring for potential blacklisting.
Prevent malware from infiltrating your server and cloud infrastructure.

More like this

LightSpy iOS Malware Enhanced with 28 New Destructive Plugins

The LightSpy threat actor exploited publicly available vulnerabilities and jailbreak kits to compromise iOS...

New PySilon RAT Abusing Discord Platform to Maintain Persistence

Cybersecurity experts have identified a new Remote Access Trojan (RAT) named PySilon. This Trojan...

Konni APT Hackers Attacking Organizations with New Spear-Phishing Tactics

The notorious Konni Advanced Persistent Threat (APT) group has intensified its cyber assault on...