Services like URLVoid "Reliable" ??

Discussion in 'other anti-virus software' started by AvinashR, Sep 23, 2010.

Thread Status:
Not open for further replies.
  1. AvinashR

    AvinashR Registered Member

    Joined:
    Dec 26, 2009
    Posts:
    2,063
    Location:
    New Delhi Metallo β-Lactamase 1
    Yesterday i have done some thorough testings on URLVoid services by throwing lot of malicious address in their so called Check Reputation of Domains and Subdomains service.. and to my surprise i have found that many infected website got clean reputation ... I am not sure whether they do scan every website in real-time or whether they store old cache data of each analysed website..

    I have an example of a Website (German Proxy Website) which is infected with an Exploit. This exploit kit was first noticed on 2010-04-06 on Virus Total and unfortunately only 18 vendors, till date, was able to detect it.. What a sad dilemma.. After that i have tested it on URLVoid and found that only "TrendMicro Web Reputation" DETECTED this exploit ... And detection rate is 1 / 16 (6 %) .. Now i got confused whether these services actually do scan website in real-time or they working on the same old methodology ... Right after this i captured lot of infected website and received some shocking results.

    Here are the screen-shots...
     

    Attached Files:

    AvinashR, Sep 23, 2010
    #1
  2. malexous

    malexous Registered Member

    Joined:
    Jun 18, 2010
    Posts:
    830
    Location:
    Ireland
    malexous, Sep 23, 2010
    #2
  3. AvinashR

    AvinashR Registered Member

    Joined:
    Dec 26, 2009
    Posts:
    2,063
    Location:
    New Delhi Metallo β-Lactamase 1
    What's more funny that, exploit is still there and only 18 vendors are able to detect it . ..

    PS: This exploit is first seen on 6th April 2010 ...
     
    AvinashR, Sep 23, 2010
    #3
  4. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    I tested it with Linkscanner, and according to it, it's clean. This is not to say it's clean. Just saying what Linkscanner reported.

    I wonder why in your virustotal result, AVG detected it? For what I know, Linkscanner is the only component that detects exploits, insn't it?
     
    m00nbl00d, Sep 23, 2010
    #4
  5. AvinashR

    AvinashR Registered Member

    Joined:
    Dec 26, 2009
    Posts:
    2,063
    Location:
    New Delhi Metallo β-Lactamase 1
    Even i am bit confused because on URLVoid TrendMicro detected this exploit but in VT it goes undetected ...
     
    AvinashR, Sep 23, 2010
    #5
  6. Dermot7

    Dermot7 Registered Member

    Joined:
    Dec 20, 2009
    Posts:
    3,430
    Location:
    Surrey, England.
    Dermot7, Sep 23, 2010
    #6
  7. AvinashR

    AvinashR Registered Member

    Joined:
    Dec 26, 2009
    Posts:
    2,063
    Location:
    New Delhi Metallo β-Lactamase 1
    So its 19 now.. I guess vendors are noticing this ..
     
    AvinashR, Sep 25, 2010
    #7
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...