"Playing Hide and Seek with a New Breed of Malware Threatening Millions of Users"
Georgia Tech's Cyber Forensics Innovation (CyFI) Lab discovered that Web App Engaged (WAE) malware has increased by 226 percent since 2020. Therefore, the team created a tool that enables cybersecurity incident responders to purge almost 80 percent of discovered WAE malware by teaming up with service providers. Ph.D. student at Georgia Tech Mingxuan Yao noted that web applications have become integral to our online lives, providing services such as content delivery, data storage, and social networking, but these utilities have made web applications attractive for malware creators. WAE malware aims to exploit these applications, exposing users to many risks. This type of malware is deceptive, but not in the ways one would expect. Instead of compromising the security of web applications, this form of malware exploits them by disguising its malicious traffic as benign. Yao and his co-authors developed Marsea to automatically and thoroughly examine WAE malware. The tool identifies and separates abuse based on the identity and assets of a web application. This article continues to discuss WAE malware and the tool developed to combat it.