Author Topic: SI's Utter Failure to Detect Malware  (Read 4272 times)

Offline mearvk

  • Newbie
  • *
  • Posts: 2
SI's Utter Failure to Detect Malware
« on: January 18, 2013, 02:49:29 PM »
Got a FedEx email today, which was fake, telling me I had a package that needed to be picked up. Could tell it was fake from the follow-thru link, which is:

Mod edit: Malicious Link Removed

So I right click the Web Inspector option and do that.  Here is the report stating no malware or malicious activity was found:

http://app.webinspector.com/public/reports/8786194

Please note that there is a zip file automatically downloaded which is malicious when you visit the original menze.com site. This is a big-time failure. Even running the attachment thru a free anti-virus shows it to be malicious.

So, my issue is (1) that the Site Inspector doesn't mark it as dangerous and (2) that I can't even copy the links in the Site Inspector page for inclusion in this forum post. I have to literally do an 'inspect element' in my email window to get the data.

I'd say you guys have some very fundamental issues here that need immediate attention.

« Last Edit: January 19, 2013, 11:54:48 AM by Chiron »

Offline Chiron

  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 11951
Re: SI's Utter Failure to Detect Malware
« Reply #1 on: January 19, 2013, 11:56:37 AM »
I removed the link, although you can contact an active Mod and ask for the link. Note that posting live malware in the public portions of the forum is against forum policy. Below I have posted links to the analysis of the file downloaded from that site.

VirusTotal Results
Valkyrie Results
CIMA Results

Offline mearvk

  • Newbie
  • *
  • Posts: 2
Re: SI's Utter Failure to Detect Malware
« Reply #2 on: January 19, 2013, 04:43:16 PM »
I was thinking it would be nice to have a piece of software that, when you label it as spam, does a whois query, finds the owner(s) and hosting company, and fires off an email with these results in it.

Is that anywhere on Comodo's radar?

 
