Barracuda’s new tool for Malaysians to detect malware-infected sites

AvantiKumar

Thiban Darmalingam, Regional Manager for Barracuda in Malaysia modified 

Photo - Thiban Darmalingam, Regional Manager for Barracuda Networks in Malaysia.

 

Cloud-connected security and storage solutions specialist Barracuda Networks has launched an online malware detection tool for Malaysian users to share, browse and analyse malware-infected sites.

Malaysia-based regional manager for Barracuda Networks Thiban Darmalingam says the launch of the Threatglass portal helps users to know when "good sites have gone bad."

The new industry portal offers exploration, visualisation and analysis of websites that have been infected by malware, said Darmalingam.

"'Good sites gone bad' is a daily problem for popular websites that are usually targeted by attackers to infect malware on unsuspecting visitors" he said. "With Threatglass, the cyber security community will have access to a high-level tool that can be used by anyone with minimal technical knowledge."

"Each week the platform will analyse millions of websites including the Alexa top 25,000 websites, social feeds and suspicious websites identified through Barracuda's customer network that consists of more than 150,000 organizations worldwide," said Darmalingam.

He said Threatglass was originally developed for Barracuda Networks "and is now being shared with the cyber security community, for both casual users and the research community to provide an effective way to document and better understand this ongoing problem."

"In the last few months, our malware detection engines at Barracuda Labs have found popular sites like Cracked.com, Php.net and Hasbro.com to be infected with Malware," said Darmalingam.

 Automated system

"Threatglass large-scale automated system has catalogued approximately 10,000 live malware attacks and is constantly updating new ones every day to its system," he said,

"Threatglass is an automated system that leverages heavyweight virtualisation to detect web-based malware in a vulnerability and exploit-independent manner," said Darmalingam. "In addition to screen captures of the infections, the site displays details of these infected sites through various representations of network traffic including DNS, HTTP, and netflow in both graphical and textual formats."

Some of the features Threatglass users can explore are:

Visualisation

  • Casually browse website infections in an Pinterest-like graphical representation
  • View charting and trending data of historical malware volumes
  • Examine relationships between various components of an attacker ring

Community

  • Share data among other researchers
  • Review easily-parsed breakout data as well as source data
  • Submit websites for inspection and analysis