Eset flaw

Discussion in 'ESET Smart Security' started by volvic, Sep 2, 2010.

Thread Status:
Not open for further replies.
  1. volvic

    volvic Registered Member

    Joined:
    Aug 17, 2009
    Posts:
    220
    I think the way Eset appears not to have a central email address for missed malware/virus for submission is silly (each country seems to have its own route and the option within eset never gets a response).

    Yesterday I submitted a file doing the rounds (first seen in the wild about 1.9.10) which is malware. They have not responded or even acknowledged my email.

    Today a similar file is doing the rounds re-submitted.

    Other AVs now beginning to detect that file (e.g. Avira) and some others not (e.g. Kaspersky!) ~Scan results removed per Policy~

    Eset needs to get its act in order.
     
    Last edited by a moderator: Sep 2, 2010
  2. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    There should be no problem submitting samples per the instructions here. A reply should be provided unless the email is written in other than English language. I'd also add that detection for the files you referred to was added before you submitted them and will be released with the next update.
     
    Last edited: Sep 2, 2010
  3. volvic

    volvic Registered Member

    Joined:
    Aug 17, 2009
    Posts:
    220
    Will be released with the next update but submitted before I submitted them. Had no reply at all. Yes I write in English.

    Thanks.

    I would be interested to learn why it has taken you now nearly 3 days to release this detection. Seems a bit too slow for my liking.
     
  4. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    That's wrong, the file was uploaded to Jotti about an hour ago. As you might have noticed, the antivirus you mentioned detected it only thanks to doubled extension as HIDDENEXT/Worm.Gen (a pretty easy trick to evade this detection would be using just one extension).
    Another thing is that we haven't received any file with the MD5 of the zipped file you referred to. We received the unpacked file from our distributor 1,5 hours ago (detection was already added) and then from a guy with the email address commencing with ai... .com. If this is not your email address then we haven't received your sample yet. To make sure, PM me your email address.
     
  5. volvic

    volvic Registered Member

    Joined:
    Aug 17, 2009
    Posts:
    220
    Why are you talking in riddles man?
     
  6. agoretsky

    agoretsky Eset Staff Account

    Joined:
    Apr 4, 2006
    Posts:
    4,032
    Location:
    California
    Hello,

    Perhaps Marek means that if you did not send the malware sample in question directly to samples@eset.com (or samples@eset.sk, which is the same mailbox) that it was not seen by ESET's virus lab until the submissions from the distributor, another user and Jotti were received.

    Regards,

    Aryeh Goretsky
     
  7. volvic

    volvic Registered Member

    Joined:
    Aug 17, 2009
    Posts:
    220
    Aha - what is the distributor?
     
  8. agoretsky

    agoretsky Eset Staff Account

    Joined:
    Apr 4, 2006
    Posts:
    4,032
    Location:
    California
    Hello,

    A list of ESET's distributors can be found here on ESET's web site. While they do provide in-country support for their resellers and partners, they are not the virus lab, which is where submissions of a malicious nature should be sent.

    Regards,

    Aryeh Goretsky
     
Thread Status:
Not open for further replies.