CryptoLocker file more than 40 hours in the wild but still undetected by AV's on VirusTotal (0/56)

GrujaRS

Level 5
Thread author
Verified
Well-known
Aug 7, 2016
228
More than 40 hours of virus circulating, and they enjoy the weekend!
For whom work AntiVirus company???
Whom they protect their clients or malware creators???
CryptoLocker sample.PNG
 
Last edited by a moderator:

Captain Awesome

Level 23
Verified
Top Poster
Well-known
May 7, 2016
1,285

Der.Reisende

Level 45
Honorary Member
Top Poster
Content Creator
Malware Hunter
Dec 27, 2014
3,423
Last edited:

harlan4096

Moderator
Verified
Staff Member
Malware Hunter
Well-known
Apr 28, 2015
8,635

Solarquest

Moderator
Verified
Staff Member
Malware Hunter
Well-known
Jul 22, 2014
2,525
I think that lower/no definitions update during weekends is a shame, user should consider this when choosing an AV.
Considering the huge nr. of users some AV have it's incredible they cannot employ someone on the weekends and leave millions of user with lower protection.
 

Solarquest

Moderator
Verified
Staff Member
Malware Hunter
Well-known
Jul 22, 2014
2,525
Here is when different layer protection approach come into... in this case blocking the remote site would be enough to protect the user.
The problem is many AV just have a list of bad sites, no heuristic or other method to detect them.
If MW author change the site or have multiples (some have 1000+) the AV has problems/won't detect them all.
 

harlan4096

Moderator
Verified
Staff Member
Malware Hunter
Well-known
Apr 28, 2015
8,635
About the lack of Heuristic in Web AV module, not the case of Kaspersky ;) but agree, even in Kaspersky I've noticed that they relax at weekends, prolonging signature updates, also KL VirusDesk final verdict today is taking longer, as usually at weekends...
 
Last edited:

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top