Got Malware? The FBI Is Willing to Pay For It

FBI Looking to Buy Malware From Security Vendors

The FBI has placed malware on its shopping list, and is turning to vendors to help the agency build a massive library of malicious software. 

According to a ‘Request for a Quote’ posted on the Federal Business Opportunities website, the FBI is looking for price quotes for malware for the Investigative Analysis Unit of the agency’s Operational Technology Division.

“The Operational Technology Division (OTD), Investigative Analysis Unit (IAU) of the FBI has the following mission: Provide technical analysis of digital methods, software and data, and provide technical support to FBI investigations and intelligence operations that involve computers, networks and malicious software,” according to the document (.doc).

“The IAU has a team of highly trained technical analysts, specialists and engineers providing on-scene technical support, employing innovative, custom developed analytical methods and tools to analyze collected data,” the document continued. “Critical to the success of the IAU is the collection of malware from multiple industry, law enforcement and research sources.”

According to the request for quote, any malware submissions must meet a set of baseline functional requirements:

i. Contain a rollup of sharable malware as included in the malicious URL report

ii. Be organized by SHA1 signatures

iii. Be updated once every 24 hours

iv. Be a snapshot of the prior 24 hours

v. Be, on average, 35 GB per day and include the following file types:

    - Executable file types from Unix/Linux, Windows and Macintosh
    - Archive files
    - Image files
    - Microsoft Office documents
    - Audio and Video files
    - RTF files
    - PDF files
    - PHP files
    - JavaScript files
    - HTML files

vi. Be able to retrieve feed in an automated way through machine-to-machine communication

vii. Initiations of accessing feed shall be pulled by IAU not pushed to IAU

The agency does not say precisely how the malware will be used, but the document calls the collection of malware from law enforcement and research sources “critical to the success of the IAU’s mission to obtain global awareness of malware threat.”

“The collection of this malware allows the IAU to provide actionable intelligence to the investigator in both criminal and intelligence matters,” according to the document.

The FBI did not respond to a request for more information from SecurityWeek before publication.

“The FBI reserves the right to request a sample product for test and evaluation purposes,” the document notes. “If a test sample is requested, the vendor will be notified when and where to send the sample. Given the nature of the solicitation, any test/sample product(s) will be removed/deleted at the conclusion of testing. To ensure that sufficient information is available, the Offeror must furnish, as a part of the quote, all descriptive material necessary for the purchasing activity to determine whether the product meets the salient characteristics of this requirement.”

Price quotes and a description of capabilities are due on Feb. 14.
