[clamav-users] javascript ZIP virus not caught?
TR Shaw
tshaw at oitc.com
Tue Mar 15 20:52:09 UTC 2016
AL,
I am seeing lots of different version of ransomware .js downloaders (telescript, locky, and many others and variants) for which I have been feeding the CalmAV team and creating sigs pushed out as winnow sigs in Steve’s feed. I can tell you that all that I have and am feeding have not been detected by ClamAV when I detected them.
> On Mar 15, 2016, at 2:15 PM, Al Varnell <alvarnell at mac.com> wrote:
>
> That’s the KeRanger ransomeware which we dealt with last weekend. Not related to Teslacrypt AFAIK.
>
> -Al-
>
> On Tue, Mar 15, 2016 at 10:45 AM, Dennis Peterson wrote:
>>
>> Already in the wild.
>>
>> http://www.foxnews.com/tech/2016/03/07/new-mac-os-x-ransomware-targets-apple-users.html
> _______________________________________________
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
>
> http://www.clamav.net/contact.html#ml
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 203 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <https://lists.clamav.net/pipermail/clamav-users/attachments/20160315/d229c7c5/attachment.sig>
More information about the clamav-users
mailing list