Wednesday, December 19, 2007

Update: CuteOverload.com Malware

Just wanted to give everyone an update on my previous CuteOverload.com malware blog.

I passed the information I had to some friends over at Sunbelt Software and they have been looking into it deeper.

Without getting into too much detail at this point, they found two files are dropped on the machine after the JS file does its job (which is exploitation). Both of these files were checked for current AV detection and the results were not good.

Many of the big AV companies missed at least one of the files - NOD32, Sophos, McAfee, Norton, Trend Micro, Kaspersky, Microsoft, etc. Some missed both.

Investigations are ongoing, so more information will be released when possible.

Thanks to my friends at Sunbelt Software for their help.
