ESET Threat Blog

Archive for the 'Virus Total' Category

by David Harley Senior Research Fellow
December 1, 2011 at 9:00 am

Danish security company CSIS have reported a worm that really does spread through Facebook, unlike some of the malware we've seen described in hoaxes recently. Peter Kruse tells us that the worm logs in as the owner of the infected system and spams messages to his or her friends. The message consists of a link … Read More…

Comments
0

by David Harley Senior Research Fellow
July 29, 2010 at 4:31 am

Everyone hates false positives (FPs). Well, nearly everyone. For purveyors of fake anti-malware products, deliberate FPs are a source of income… 
However, real security vendors hate them because every false positive is a significant detection failure, even if no-one notices (it's quite possible that most FPs pass unnoticed by anyone because the circumstances under which the scanner would … Read More…

Comments
2

by David Harley Senior Research Fellow
February 16, 2010 at 6:48 am

Security researchers work together and share information in many ways and in many contexts that aren't constrained by company boundaries, but it's unusual for security researchers working for different vendors to join forces in a company blog.
However, John Leyden of The Register contacted us both when he was writing an article on the controversy following Kaspersky … Read More…

Comments
2

by David Harley Senior Research Fellow
February 2, 2010 at 11:59 am

Larry Seltzer posted an interesting item yesterday. The article on "SW Tests Show Problems With AV Detections" is based on an "Analyst's Diary" entry called "On the way to better testing."
Kaspersky did something rather interesting, though a little suspect. They created 20 perfectly innocent executable files, then created fake detections for ten of them. Then … Read More…

Comments
10

by David Harley Senior Research Fellow
January 9, 2010 at 7:12 am

Sunbelt have responded to an article in Infosecurity about what I described way back in the early 90s (when putting together the alt.comp.virus FAQ) as the "thorny issue of malware naming". Well, I've been banging the drum about educating users and pretty much everyone else away from the concept that malware naming is useful for quite … Read More…

Comments
0

by David Harley Senior Research Fellow
August 5, 2009 at 8:59 am

There’s been a certain amount of buzz in the past couple of days about messages claiming to link to Wire Transfer information, but actually related to a Trojan commonly called Delf or Doneltart. ESET is detecting the examples we’ve been seeing as a variant of Win32/TrojanDownloader.Delf.OZG.
The messages generally look something like this (at least, … Read More…

Comments
0
