[clamav-users] Ios.Trojan.FakeTelegram-6736161-0 FOUND
Al Varnell
alvarnell at mac.com
Thu Dec 6 21:09:54 UTC 2018
What kind of suggestion are you looking for?
They appear to be three different iPhone/iPad/iPod applications.
The signatures were added to the ClamAV database on 1 Nov 2018.
I would have to guess it has something to do with this Talos article:
<https://blog.talosintelligence.com/2018/11/persian-stalker.html?utm_source=mosaicsecurity <https://blog.talosintelligence.com/2018/11/persian-stalker.html?utm_source=mosaicsecurity>>
-Al-
ClamXAV User
On Thu, Dec 06, 2018 at 11:08 AM, David Laxer wrote:
> Hi,
>
> I am running clamav-0.100.beta on OS X 10.11.6 and got the following messages
> Ios.Trojan.FakeTelegram-6736161-0 FOUND
>
> Here’s my clamscan invocation:
>
> $ clamscan/clamscan -i -r --exclude-dir=/Volumes --exclude-dir=/dev --exclude-dir=/Users/davidlaxer/clamav-0.100.0-beta/test --max-filesize=100M /
>
> I received the following three alerts:
>
> /Users/davidlaxer/iTunes Media/Mobile Applications/7notesHD Prem 3.2.2.ipa: Ios.Trojan.FakeTelegram-6736161-0 FOUND
> /Users/davidlaxer/iTunes Media/Mobile Applications/JapanGoggles 2.6.ipa: Ios.Trojan.FakeTelegram-6736161-0 FOUND
> /Users/davidlaxer/iTunes Media/Mobile Applications/Memo 3.0.0.ipa: Ios.Trojan.FakeTelegram-6736161-0 FOUND
>
> Any suggestions?
>
> Thanks in advance!
>
> Best,
> -Dave
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.clamav.net/pipermail/clamav-users/attachments/20181206/ce6939a9/attachment.htm>
More information about the clamav-users
mailing list