Researchers have disclosed that they were able to repeatedly sneak malware past a leading AI-based endpoint security solution simply by appending benign code strings from a video game file to the malicious code.
The solution, CylancePROTECT, from Cylance and its parent company BlackBerry, failed to detect almost 90 percent of the 384 malware programs that researchers amended with the gaming code, according to a company blog post published last Thursday by Sydney, Australia-based Skylight Cyber. And it missed 100 percent of the top 10 malware programs of May 2019.
Skylight researchers decided to use the video game code to create what they describe as a "universal bypass" exploit after a careful analysis of CylancePROTECT's engine and model found that the security solution had demonstrated a "bias" for a popular game. (Cylance would later dispute the "universal bypass" designation.) Skylight has not publicly revealed the name of the game.