[clamav-users] Signature update timeliness
Mark Foley
mfoley at novatec-inc.com
Fri May 5 17:14:38 UTC 2017
I have a question about the timeliness of signature updates. I am running a
clamav-milter to check email when received by the MDA -- this rarely finds
anything. I also have clamscan running multiple times a day checking all the
Maildir folders.
Yesterday, the Maildir folder scan found Js.Downloader.Nemucod. But, this
message was recieved on April 26th -- 8 days before the malware was detected by
clamscan. Doing a quick google search, I find that the JS.Nemucod trojan has
been around since at least December 2015.
So, was the clamav signature for this malware just added to the list on May 4th?
If so, why does it take so long to include a malware that's been around for
years? If it was added earlier, why did clamscan not find it for 8 days?
Mutation?
--Mark
More information about the clamav-users
mailing list