Researchers Easily Trick Cylance's AI-Based Antivirus Into Thinking Malware Is 'Goodware'
Artificial intelligence has been touted by some in the security community as the silver bullet in malware detection. Its proponents say it's superior to traditional antivirus since it can catch new variants and never-before-seen malware (think zero-day exploits) that are the Achilles' heel of antivirus. One of its biggest proponents is the security firm BlackBerry Cylance, which has staked its business model on the artificial intelligence engine in its endpoint PROTECT detection system, which the company says has the ability to detect new malicious files two years before their authors even create them. But researchers in Australia say they've found a way to subvert the machine-learning algorithm in PROTECT and cause it to falsely tag already known malware as "goodware." The method doesn't involve altering the malicious code, as hackers generally do to evade detection.
Jul-21-2019, 04:52:43 GMT