The tool, called WinMHR, utilizes the techniques to check a Windows PC for malware through Team Cymru's Malware Hash Registry, a directory of files that have already been identified as malicious by anti-virus software vendors and security researchers. Malware signatures are constantly updated by Team Cymru, so there are never any signature updates to install. No files or any of their contents are sent across the network, only hashes, according to Steve Santorelli, director of global outreach with Team Cymru. Read about Team Cymru's work to battle botnets around the globe in 3 basic steps to avoid joining a botnet.
"It checks files against a central database that is one of the most comprehensive in the world," said Santorelli. "It might not sound like much, but that's never been done before and it's an approach that might well tip the balance in favor of those of us that fight against computer crime."
The link for this article located at CSO Online is no longer available.
