After reading Brian Krebs' exposé on a criminal group that infiltrated three of the most popular U.S.-based personal and business data aggregators, we wanted to see how our Infinity platform and CylanceV stacked up against the exact malware used in the breach. Could we detect something that the top anti-malware tools had not flagged as malware?
An initial analysis of the malicious bot program installed on the hacked servers revealed that it was carefully engineered to avoid detection by antivirus tools. A review of the bot malware in early September showed that most antivirus firms were still giving it a clean bill of health. But what happened when it was run through CylanceV and our Infinity engine?
Well, a picture is worth a thousand words.
Cylance Infinity immediately recognized the sample as a threat, even though it had never seen the file before. By leveraging machine learning and mathematical modeling instead of the traditional methods (signatures, heuristics, file detonation, etc.), Cylance Infinity caught what the others had missed.
Final score: Infinity – 1, SSNDOB – 0
Machine learning is here to stay.
Stay tuned for more information about CylanceV and Cylance Infinity. If you're interested in how your organization can get plugged into the power of Infinity today, please contact firstname.lastname@example.org.