Google's acquisition of VirusTotal is a bid by the company to strengthen its Web security posture. "Security is incredibly important to our users and we've invested many millions of dollars to help keep them safe online," said a Google spokeswoman via email. "VirusTotal also has a strong track record in Web security, and we're delighted to be able to provide them with the infrastructure they need to ensure that their service continues to improve."
"Here's a little secret. Having a huge index of suspected and confirmed malware is really handy for protecting hundreds of millions of users," tweeted Google's Justin Schuh, who's part of the Google Chrome security team.
Launched in 2004, Spain-based VirusTotal offers on-demand scanning of any URL or file, aggregating detection capabilities offered by command-line versions of about 40 different antivirus scanning engines, file characterization tools and datasets, and website scanning engines.
But a blog post from the "VirusTotal Team" that announced the company's acquisition by Google, said that the company had often faced resource challenges, which of course Google--a long-term business partner--will singlehandedly overcome. "This is great news for you, and bad news for malware generators because [the] quality and power of our malware research tools will keep improving, most likely faster; and Google's infrastructure will ensure that our tools are always ready, right when you need them," according to the VirusTotal blog post.
[ Are you paying attention to the right things? Read 6 Password Security Essentials For Developers. ]
Google has increasingly been going on the offensive when it comes to spotting malware. Earlier this year, the company said it would begin warning users when their accounts appeared to be targeted by state-sponsored attackers. More recently, the company has also begun alerting users when it detects unusual access patterns to their email.
Early reaction from the antivirus industry to the deal has been positive. Eva Chen, CEO of Trend Micro, said in a blog post that the deal "is excellent news," because it will create an even more massive, on-demand repository of known-bad code. "Google's massive infrastructure is much more stable than the existing stand-alone VirusTotal infrastructure and we believe it will be [a] much more reliable source and so a benefit for the industry as a whole," she said.
In addition, Chen suggested that Google itself could now serve as a clearinghouse for malware samples, replacing what's now more of an ad hoc approach involving lots of behind-the-scenes sharing. "In the current system, security vendors get samples from their AV testing group, who in turn get these from other AV vendors," she said. "The problem with this is that whoever submits more samples get a higher detection rate and that skews the system. Overall, I think it's much better for everyone if the security vendors ... get these sample feeds directly from Google."
Some Google fans are already envisioning new ways in which the VirusTotal malware database might be extended. "Whoa, Google just bought VirusTotal ... Could it contribute to the Bouncer in the future perhaps?" read a tweet from Android Police, referring to Google's automated code-review service, which it uses to help keep malware out of its Google Play application marketplace.