Oddbean new post about | logout
Frehi | 1 years ago (raw) | export | reply | flag 
 Yesterday the news broke that a trojanized version of #freedownloadmanager was being distributed. https://securelist.com/backdoored-free-download-manager-linux-malware/110465/

1 day later:
- no single anti virus vendor (besides #Kasperksy) added detection  https://www.virustotal.com/gui/file/b77f63f14d0b2bde3f4f62f4323aad87194da11d71c117a487e18ff3f2cd468d/detection
- Both 1.1.1.2 and 9.9.9.9 malware filtering DNS servers still resolve the domain
- Only a handful of security vendors flag the domain as malicious https://www.virustotal.com/gui/domain/deb.fdmpkg.org/detection

Even though this is not  widespread, this is disappointing.

#security #malware #linux #virustotal
da_667 | 1 years ago (raw) | root | parent | reply | flag 
 @2232cabb FYI, I do Snort/Suricata rules at Emerging Threats. I can promise you that I'll be submitting DNS rules for the domain. they'll be present in today's rule releases for Snort 2.9, Suricata4, and Suricata5+

Just want you to know I saw it, and I'm doing what I can.