Comments on: Hexzone Hotzone http://blog.eset.com/2009/04/23/hexzone-hotzone Sun, 12 Feb 2012 22:29:08 +0000 hourly 1 http://wordpress.org/?v=3.3.1 By: David Harley http://blog.eset.com/2009/04/23/hexzone-hotzone/comment-page-1#comment-44528 David Harley Sat, 25 Apr 2009 18:29:22 +0000 http://www.eset.com/threat-center/blog/?p=1001#comment-44528 Dear Finjan. Thank you for your clarification. I have, of course, read your blog. Obviously, I'm aware of the VirusTotal report you cited. As far as I know, no-one at ESET (or anyone commenting on these blogs) has accused you of fabricating the 1.9 million number. And I certainly haven't said anything like "Finjan has been real aggressive about spreading FUD" and would be most interested to know why you think I did. David Harley, speaking for himself, not ESET. Dear Finjan.

Thank you for your clarification. I have, of course, read your blog. Obviously, I’m aware of the VirusTotal report you cited. As far as I know, no-one at ESET (or anyone commenting on these blogs) has accused you of fabricating the 1.9 million number. And I certainly haven’t said anything like “Finjan has been real aggressive about spreading FUD” and would be most interested to know why you think I did.

David Harley, speaking for himself, not ESET.

]]> By: Finjan http://blog.eset.com/2009/04/23/hexzone-hotzone/comment-page-1#comment-44521 Finjan Sat, 25 Apr 2009 17:03:06 +0000 http://www.eset.com/threat-center/blog/?p=1001#comment-44521 Dear ESET, Finjan's blog post shows VirusTotal report and indicates on Hexzone as an executable the bot was instructed to download from the command center. Hexzone is not the bot itself but one out of many executables that the bot downloaded and executed on the infected PCs. Taken from the blog post: "This command instructs the bot on the infected computers to download and execute a Trojan horse. As indicates on the VirusTotal report below, only 4 out of 39 Anti-Virus products detected this Trojan." As for the number of infected PCs: The 1.9M number is very accurate. The entire DB was available for inspection where unique records were identified (computer names, IPs, region). Commands were sent to the entire net or to subsets (regional). Your comment "Finjan has been real aggressive about spreading FUD" is unprofessional :-( Finjan Dear ESET,

Finjan’s blog post shows VirusTotal report and indicates on Hexzone as an executable the bot was instructed to download from the command center.

Hexzone is not the bot itself but one out of many executables that the bot downloaded and executed on the infected PCs.

Taken from the blog post:
“This command instructs the bot on the infected computers to download and execute a Trojan horse. As indicates on the VirusTotal report below, only 4 out of 39 Anti-Virus products detected this Trojan.”

As for the number of infected PCs:
The 1.9M number is very accurate. The entire DB was available for inspection where unique records were identified (computer names, IPs, region). Commands were sent to the entire net or to subsets (regional).

Your comment “Finjan has been real aggressive about spreading FUD” is unprofessional :-(

Finjan

]]>