YSZZ 0.9 vip

Discussion in 'ESET NOD32 Antivirus' started by manak, Aug 14, 2012.

Thread Status:
Not open for further replies.
  1. manak

    manak Registered Member

    Joined:
    Aug 12, 2012
    Posts:
    78
    There are some malicious scripts contain YSZZ 0.9 vip and JSXX 0.44 vip
    Does NOD32 Antivirus 5.2.9.1 protect from 'YSZZ 0.9 vip' and Gondad Exploit Kit(JSXX 0.44 vip) now?
     
    Last edited: Aug 14, 2012
  2. Cudni

    Cudni Global Moderator

    Joined:
    May 24, 2009
    Posts:
    6,956
    Location:
    Somethingshire
  3. manak

    manak Registered Member

    Joined:
    Aug 12, 2012
    Posts:
    78
    Unfortunately, I don't remember the Website URL address now. By the way AVG can detect Gondad Exploit Kit with JSXX 0.44 vip JavaScript Encrypter at that time.

    I could get some info about KaiXin Exploit Pack with Javascript encrypter Yszz 0.7 vip ( [xttp://www.kahusecurity.com/2012/new-chinese-exploit-pack/ ). Of course I believe Yszz 0.9 vip is newer version.

    I'm using ESET NOD32 at my home so I don't want to take a risk. I just hope that ESET NOD32 also can detect those things.
     
    Last edited by a moderator: Aug 17, 2012
  4. manak

    manak Registered Member

    Joined:
    Aug 12, 2012
    Posts:
    78
    Last edited: Aug 23, 2012
  5. dwomack

    dwomack Eset Staff Account

    Joined:
    Mar 2, 2011
    Posts:
    588
    According to VirusTotal, ESET detects the KaiXin Exploit Pack as Win32/PSW.OnLineGames with various extension updates as new encryptions and versions have been created.

    The Java exploits talked about in Kahusecurity's blog post about the KaiXin Exploit Pack lists 3 Java Exploits (Rhino, Atomic and Applet Field) which are covered by ESET Bloggers here, here and here and all are detected by ESET with the latest versions of these files/exploits being added in the last few days. I suspect we'll see even more as they continue to evolve.

    ESET Malware Researcher Sébastien Duquette also wrote a blog about it back in October.

    The link you posted refers to an article about an NSS Labs test result that we've already covered here.
     
    Last edited: Aug 24, 2012
  6. manak

    manak Registered Member

    Joined:
    Aug 12, 2012
    Posts:
    78
    dwomack. Thank you for good information.
     
Thread Status:
Not open for further replies.