Google has acquired Zynamics, a small company based in Germany that provides software analysis tools to help with malware analysis using reverse engineering. Though an official announcement has not been made, Google did acknowledge the acquisition. “We’re delighted to have the zynamics team aboard and hope their tools and skills in fighting malware will help us better protect Google’s users,” a Google spokesperson told SecurityWeek this afternoon.
The company current has several products including its “zynamics VxClass,” which enables users to structurally compare executables and thus ignore byte-level changes such as instruction reordering or string obfuscation. Zynamics claims even small changes in the code or changed compiler settings can be detected with its VxClass tool.
Related Reading: Hacking Internet Enabled TVs
The company says its products help with analyzing the growing flood of complex malware with tools like its VxClass, which helps with the automatic classification of malware and trojans into families. Malware analysts can upload a sample of malware, and zynamics VxClass will remove the executable crypters from it, then analyze and compare the uploaded executable to a database of malware samples, and provide a simple similarity metric that can tell whether the program is related to a piece of known malware.
The company’s “BinDiff “ product is a comparison tool for binary files, that assists vulnerability researchers and engineers to find differences and similarities in disassembled code. With BinDiff users can identify and isolate fixes for vulnerabilities in vendor-supplied patches. Users are also able to port symbols and comments between disassemblies of multiple versions of the same binary or use BinDiff to gather evidence for code theft or patent infringement.
Zynamics BinCrowd is a collaborative tool that allows users and to create a central repository of information on reverse-engineered software and share this information with other members of your team.
Through the acquisition Google will get a handful of talented software security gurus as well as some excellent technology, that hopefully with Google’s backing, will improve even further and get into the hands of more people. It’s not clear how Google will integrate the talent and technology but I’ll be keeping an eye on things and reach out to a few folks involved.
In post on the company’s blog late this afternoon the company noted, “We’re pleased to announce that zynamics has been acquired by Google! If you’re an existing customer and do not receive our email announcement within the next 48 hours, please contact us.”
The company was founded by Halvar Flake in 2004.