Yoroi-Cybaze shares “Yomi: The Malware Hunter” for free with the cyber security expert community
“Yomi: The Malware Hunter” becomes “public”. The cyber security firm Yoroi-Cybaze has decided to share its proprietary tools to help the InfoSec community detect, analyze and dissect malware threats. The platform is the first completely Italian malware analysis sandbox: it is able to digest and detonate malicious documents, executables, installers and scripts in a controlled environment, silently recording each sample’s actions inside a custom analysis environment designed to defeat evasion techniques, and then spot and track the malicious behaviour hidden by attackers. Its engine implements a multi-analysis approach that combines static analysis and behavioural analysis. The first includes document and macro code extraction, together with import, dependency and trust chain analysis. The second is built to recognize the malicious (or suspicious) actions the malware silently performs, also giving powerful insight into command and control, exfiltration and lateral movement activity over the network.
The aim is to engage researchers and increase cooperation in the anti-malware war
Moreover, Yomi is designed to engage the InfoSec community and leverage the experience of hunters, enabling them to tag the submitted samples with names, families and contextual enrichments that only a human analyst can provide. The community will also have the opportunity to participate in contests aimed at spotting particular threats, or to engage other cyber security experts in gathering data and discussing trends spotted in the wild. Nowadays malware represents a powerful tool for cyber attackers and cybercrime, with over 856 million distinct samples identified during the last year. Furthermore, decades of adversarial coevolution with the anti-virus industry have led threats to develop the ability to evade detection, bypassing security boundaries and staying silent until the proper time, then finally unleashing their malicious behaviour and enabling remote hackers, cyber-criminals and spies to steal secrets, data, digital goods and money, for fun and profit.