BlackBerry ThreatVector Blog

Spam, meet spam-killer. Math.

NEWS / 08.09.14 / Stuart McClure

What happens when CylancePROTECT meets the flotsam of the Internet?

Despite billions of dollars spent on anti-SPAM technologies worldwide, the scourge of SPAM continues to inundate every mailbox on the planet. While Cylance’s machine learning approach is performing beyond anyone in the industry in detecting maliciousness, we often find applications of our technology even beyond its original intent of preventing malware, APTs, advanced threats and the like. So when we saw a SPAM run report in the intelligence community, we paused and flashed the unforgiving eye of our Math.

The SPAM included links that download some previously unseen malware variants. Digging into it, we observed what looks like a new variant of the Upatre downloader. This variant in turn downloads three additional malware pieces.

The first of the three appears to be a variant of the Dyre Trojan. The second is likely the password stealer Kegotip. Last, but certainly not least, we have what appears to be a new Cutwail.

Now, CylancePROTECT is installed on tens of thousands of live machines, and the intention was to see how our Math performed versus standard Industry detections. What we found was that Cylance blocked the malware download from the SPAM email. As a matter of fact, we identified that the ‘math’ was able to detect this recently released malware back in April. Thus, any Industry vendor that couldn’t detect it now in July is woefully slow, ineffective and sadly leaving their customers unnecessarily exposed.

In every sample tested, the Industry did a horrific job with early detection. Very few vendors actually caught the samples on the first submission. In other words, they were blind to these attacks. But who did detect and prevent them all from running? Well, the clear and undisputed winner: Math!!!

The pool is perfect. Come on in.

Stuart McClure

About Stuart McClure

CEO, President, and Founder of Cylance

Stuart leads Cylance® as its CEO for the first math-based approach to threat detection, protection and response. Prior to Cylance, Stuart was EVP, Global CTO and General Manager at McAfee/Intel. Stuart is the creator and lead author of the most successful security book of all time, Hacking Exposed. He is widely recognized for his extensive and in-depth knowledge of security, and is one of the industry's leading authorities in information security today.