Google has acquired a small German security start-up called Zynamics, which is well known in the security industry for its reverse-engineering and analysis tools.
Zynamics announced the deal on its corporate blog on Tuesday, saying little other than that the company had been acquired by Google. The company is headed by Thomas Dullien, a respected security researcher and reverse engineer who is known by the handle Halvar Flake in security circles.
The acquisition by Google is an interesting one, as the company continues to build out its internal security team and its malware identification and classification capabilities. Google has assembled a deep team of researchers in the last few years, including Chris Evans, Neel Mehta, Michal Zalewski and Tavis Ormandy, and has been focusing on identifying sites that are serving malware or malicious ads and steering users away from them.
The software that Zynamics sells includes several different analysis and reverse-engineering products, most notably BinDiff and BinNavi, which enable customers to get detailed information on changes in binaries or executables without access to the source code. The company also sells a product called VxClass that is designed to identify and classify various pieces of malware.
“Based on the same ideas and algorithms that made zynamics BinDiff great, zynamics VxClass can structurally compare executables and thus ignore byte-level changes such as instruction reordering or string obfuscation. Small changes in the code or changed compiler settings will not fool zynamics VxClass,” the company’s site says.
VxClass may be the product that most interests Google in the Zynamics deal, given the company’s interest in classifying malware and malicious sites.