[clamav-users] Bitcoin : Chainstate : Virii
Jason Haar
Jason_Haar at trimble.com
Wed Jun 11 09:08:15 UTC 2014
On 11/06/14 18:49, ellanios82 wrote:
> Those files do not even contain any virus.
It doesn't even matter if it did contain a whole, real virus. A real
virus embedded into a multi-gig blob of bitcoin data is about as
dangerous as blinking
This is a similar symptom seen with running virtuals - the AV running
on the virtual means chunks of viruses it is looking for are floating
around in it's RAM - which means they can get swapped out to disk on the
physical - where the local AV could go bat-crazy over. Either AV vendors
learnt to whitelist virtual file formats or they simply don't scan files
greater than YYYYY bytes in size. Either of those options would work for
this bitcoin "lark" too
Don't forget, a virus is just a file until you execute it - only then is
it really a "virus"
--
Cheers
Jason Haar
Information Security Manager, Trimble Navigation Ltd.
Phone: +1 408 481 8171
PGP Fingerprint: 7A2E 0407 C9A6 CAF6 2B9F 8422 C063 5EBB FE1D 66D1
More information about the clamav-users
mailing list