Malware in Google Ads disguised as popular software

So about a month ago, Leo from TPSC made a video, linked in the text file, talking about malware being disguised as things like VLC media player or OBS Studio, and many other very popular software used by people who have a lot of very valuable data to steal.

I was hoping for Comodo/Xcitium to make some changes that would help all Xcitium-made products better detect these kinds of malware.

As the video explains, the malware has a lot of null values in it to make it too big to upload to a scanning service and certainly too big to upload to Valkyrie.

So maybe some heuristic signatures could be added to the database to help detect that kind of malware? Maybe VirusScope could be much more strict on any files that are too big to upload?

Hi DrAlrek,

Thank you for sharing the information.
We will bring this to the team's notice.


@DrAlrek VirusScope is a Static and Dynamic Analysis engine from Xcitium, AKA Comodo.
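A sketch of the kind of size heuristic the first post asks about, added here as an example and not part of any post or of any Xcitium product: it streams a file, measures its longest run of null bytes, and flags files that exceed an upload cap only because of that run. `UPLOAD_LIMIT`, the function names and the sample file are assumptions made for the illustration.

```python
import os
import tempfile

CHUNK = 1 << 20            # stream in 1 MiB blocks so large files never sit in memory
UPLOAD_LIMIT = 100 << 20   # assumed scanner upload cap (placeholder, not a vendor figure)

def null_padding_stats(path, chunk=CHUNK):
    """Return (size, zero_bytes, longest_zero_run) without loading the file.

    Runs are tracked across block edges, so any run of at least `chunk`
    bytes is measured exactly; shorter runs inside one block are ignored.
    """
    size = zeros = longest = run = 0
    with open(path, "rb") as fh:
        while block := fh.read(chunk):
            size += len(block)
            n_zero = block.count(0)
            zeros += n_zero
            if n_zero == len(block):          # whole block is padding
                run += len(block)
                continue
            run += len(block) - len(block.lstrip(b"\0"))   # zeros finishing a run
            longest = max(longest, run)
            run = len(block) - len(block.rstrip(b"\0"))    # zeros starting a run
    return size, zeros, max(longest, run)

def assess(path, upload_limit=UPLOAD_LIMIT, chunk=CHUNK):
    """Flag files that exceed the upload cap only because of one zero run."""
    size, zeros, longest = null_padding_stats(path, chunk)
    return {
        "size": size,
        "zero_ratio": zeros / size if size else 0.0,
        "longest_zero_run": longest,
        "inflated": size > upload_limit and size - longest <= upload_limit,
    }

def build_sample(path, payload=1000, padding=5000):
    """Write a constructed test file: non-zero bytes, a zero run, a short tail."""
    with open(path, "wb") as fh:
        fh.write(b"MZ" + bytes(range(1, 251)) * (payload // 250))
        fh.write(b"\0" * padding + b"tail")

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        sample = os.path.join(tmp, "constructed_sample.bin")
        build_sample(sample)
        print(assess(sample, upload_limit=2000, chunk=256))
```

A file flagged as `inflated` is a candidate for stricter handling, such as local analysis in place of the upload that its size rules out.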