Services like URLVoid "Reliable" ??

Discussion in 'other anti-virus software' started by AvinashR, Sep 23, 2010.

Thread Status:
Not open for further replies.
  1. AvinashR

    AvinashR Registered Member

    Joined:
    Dec 26, 2009
    Posts:
    2,060
    Location:
    New Delhi Metallo β-Lactamase 1
    Yesterday i have done some thorough testings on URLVoid services by throwing lot of malicious address in their so called Check Reputation of Domains and Subdomains service.. and to my surprise i have found that many infected website got clean reputation ... I am not sure whether they do scan every website in real-time or whether they store old cache data of each analysed website..

    I have an example of a Website (German Proxy Website) which is infected with an Exploit. This exploit kit was first noticed on 2010-04-06 on Virus Total and unfortunately only 18 vendors, till date, was able to detect it.. What a sad dilemma.. After that i have tested it on URLVoid and found that only "TrendMicro Web Reputation" DETECTED this exploit ... And detection rate is 1 / 16 (6 %) .. Now i got confused whether these services actually do scan website in real-time or they working on the same old methodology ... Right after this i captured lot of infected website and received some shocking results.

    Here are the screen-shots...
     

    Attached Files:

  2. malexous

    malexous Registered Member

    Joined:
    Jun 18, 2010
    Posts:
    828
    Location:
    Ireland
  3. AvinashR

    AvinashR Registered Member

    Joined:
    Dec 26, 2009
    Posts:
    2,060
    Location:
    New Delhi Metallo β-Lactamase 1
    What's more funny that, exploit is still there and only 18 vendors are able to detect it . ..

    PS: This exploit is first seen on 6th April 2010 ...
     
  4. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    I tested it with Linkscanner, and according to it, it's clean. This is not to say it's clean. Just saying what Linkscanner reported.

    I wonder why in your virustotal result, AVG detected it? For what I know, Linkscanner is the only component that detects exploits, insn't it?
     
  5. AvinashR

    AvinashR Registered Member

    Joined:
    Dec 26, 2009
    Posts:
    2,060
    Location:
    New Delhi Metallo β-Lactamase 1
    Even i am bit confused because on URLVoid TrendMicro detected this exploit but in VT it goes undetected ...
     
  6. Dermot7

    Dermot7 Registered Member

    Joined:
    Dec 20, 2009
    Posts:
    3,196
    Location:
    Surrey, England.
  7. AvinashR

    AvinashR Registered Member

    Joined:
    Dec 26, 2009
    Posts:
    2,060
    Location:
    New Delhi Metallo β-Lactamase 1
    So its 19 now.. I guess vendors are noticing this ..
     
Loading...
Thread Status:
Not open for further replies.