Threatglass was built as a frontend for a large-scale, automated system that leverages heavyweight virtualisation to detect web-based malware in a vulnerability and exploit-independent manner. The platform analyses millions of websites each week. Websites for inspection are sourced from multiple data feeds including the Alexa top 25,000 websites, social feeds and suspicious websites from Barracuda’s customer network, consisting of more than 150,000 organisations worldwide. In addition to screen captures of the infections, Threatglass displays various representations of network traffic including DNS, HTTP, and netflow in both graphical and textual formats. The system has cataloged approximately 10,000 live web-based malware attacks and adds new ones each day.
Barracuda Labs’ malware detection engines have discovered numerous infections in high-profile websites. In the last few months, Barracuda Labs published those findings for Cracked.com, Php.net and Hasbro.com. Those examples and thousands of other infected websites now are visible through Threatglass.