Earlier this summer, we told you about our proprietary CyberCapture technology. CyberCapture is a vital component of the Avast Antivirus Nitro Update, providing users with increased speed and a higher level of protection against zero-second attacks. In this post, I’d like to dive deeper into the engineering behind CyberCapture and explain the components that give the feature its technical integrity.
In essence, CyberCapture is a cloud-based smart file scanner. In order to provide immediate analysis, CyberCapture automatically establishes a two-way channel of communication with the Avast Threat Labs while securing suspicious files on the user’s PC until analyses are completed. Once a file has been isolated, our team can clear away all the false code, misdirection, obfuscation, and other stuff malware creators use to mask malware’s true intentions. By doing so, CyberCapture is able to dissect malicious file, observe the binary level instructions inside the malware, and understand the true purpose hidden within it.