Russia to launch its own version of VirusTotal due to US snooping fears
The Russian government plans to have its own analogous version of the malware scanning platform VirusTotal up and running within the next two years, due to concerns the U.S. government could access data from the popular Google-owned service.
VirusTotal is an online service that lets organizations upload suspected malware to be checked against a range of antivirus tools. These checks are shared with the cybersecurity community, creating a library of malware signatures to help detect attempted attacks and develop threat intelligence.
Alexander Shoitov, the deputy minister of digital development and communications in Russia, told newspaper Rossiyskaya Gazeta that the platform — to be called “Multiscanner” — was being created by the country’s new National Technology Center for Digital Cryptography alongside other organizations and private sector enterprises.
A website for the Russian platform is already online, bearing a notice that the service is under reconstruction. It identifies a number of partner companies, including Kaspersky, AVSoft and Netoscope.
Shoitov said new functions would be added next year, before the Multiscanner platform is fully operational in 2025, according to Rossiyskaya Gazeta. Similarly to VirusTotal, the service would ultimately not only remotely check files and links using static analysis, but also conduct behavioral analysis on the suspected malware in virtual controlled sandbox environments.
Alexey Vishnyakov, the head of malware detection at the Russian company Positive Technologies — which has been sanctioned by both the U.S. Treasury and the European Union for supporting the Russian intelligence services — explained to Rossiyskaya Gazeta that the legal ability for U.S. authorities to access the platform’s user data might make using VirusTotal unlawful in the Russian Federation.
The company suffered an embarrassing gaffe in July, when an employee accidentally uploaded a list of thousands of user accounts to the platform itself — unintentionally exposing the names and email addresses of hundreds of individuals working for defense and intelligence agencies globally.
The Russian government’s moves to find domestic alternatives to U.S.-based technologies follows a wave of sanctions resulting from its invasion of Ukraine, and aligns with the Kremlin’s repeated efforts to establish sovereign control over what its citizens can see online for what it describes as national security purposes.
Alexander Martin is the UK Editor for Recorded Future News. He was previously a technology reporter for Sky News and is also a fellow at the European Cyber Conflict Research Initiative.