CryptoMining Malware Missed By Many AVs including ESET.

Joe M

Many mobile AVs, including ESET, Malwarebytes and Kaspersky, failed to detect a crypto mining malware which was thankfully detected by my Android AdGuard app.

The malware was detected on this link (given at the end), which was given to me by someone in a friend Telegram group. Luckily, I open unknown links in an incognito tab.

I'm very disappointed by all these AVs. I first told Malwarebytes about it; they replied confirming the detection and that they would include an update for it in their next update. But they did Nothing.

Their AV continued to Not detect this crypto malware for more than a week after they confirmed the detection to me. Disappointed, I uninstalled their mobile AV and installed Kaspersky.

Kaspersky was a bigger sucker and a very bureaucratic type when I told them about this malware. When I told them about this, they did Not detect it the first time and told me they had forwarded the sample to their headquarters. Many days later, they also confirmed the detection!! They told me their latest would include detection for it. But same story: weeks went by, and despite my further emails, the crypto malware on the site remained UNDETECTED by them as well!!

Again disappointed, I uninstalled the Kaspersky mobile AV too. I then forwarded the sample to ESET. They are Sooo great they did Not even bother to reply back!! At least MB and Kaspy kept me posted, asked for further details, etc. ESET was just chill!!

And when did all of the above happen? It happened a month back, conversation and detection and all, and the crypto malware is STILL undetected at the URL.

Only the Android AdGuard app (note: only the Android AdGuard app) warns about this malware when you open the URL given below in Chrome's incognito mode.

What a big shame that all the great AV names failed to detect a crypto mining malware, some despite promising to include detection for it.

URL hxxp://www.youserials.com/




Sorry for the delayed response. But why is the whole website not getting blocked if you have detected this malware?

Also, I was talking about the Android mobile platform. In Chrome's incognito mode, on both Android and desktop, I do Not get any warning, nor is the URL blocked!!

If the URL is blacklisted by your product, then why is ESET not flagging it in the VirusTotal URL analysis?


This topic is now closed to further replies.