Joe M

CryptoMining Malware Missed By Many AVs including ESET.


Hi,

Many mobile AVs, including Eset, MalwareBytes and Kaspersky, failed to detect a crypto mining malware which was thankfully detected by my Android Adguard app.

The malware was detected on this link (given at the end) which was given to me by someone in a friend Telegram group. Luckily, I open unknown links in an incognito tab.

I'm very disappointed by all these AVs. I first told MalwareBytes about it; they replied back confirming the detection and saying they would include an update for it in their next update. But they did Nothing.

Their AV continued to Not detect this crypto malware for more than a week after they confirmed the detection to me. Disappointed, I uninstalled their mobile AV and installed Kaspersky.

Kaspersky was a bigger sucker and a very bureaucratic type when I told them about this malware. When I told them about this they did Not detect it the first time and told me they had forwarded the sample to their headquarters. Many days later, they also confirmed the detection!! They told me their latest will include detection for it. But same story: weeks went by and, despite my further emails, the crypto malware on the site remained UNDETECTED by them as well!!

Again disappointed, I uninstalled Kaspersky mobile AV too. I then forwarded the sample to Eset. They are Sooo great they did Not even bother to reply back!! At least MB and Kaspy kept me posted, asked for further details etc. Eset was just chill!!

And when did all the above happen? It happened a month back, conversation and detection and all, and the crypto malware is STILL undetected in the URL.

Only the Android Adguard app (note: only the Android Adguard app) warns about this malware when you open the URL given below in Chrome's incognito mode.

What a big shame that all the great AV names failed to detect a crypto mining malware. Some despite promising to include the detection for it.

URL hxxp://www.youserials.com/

Thanks

Regards


Sorry for the delayed response. But why is the whole website not getting blocked if you have detected this malware?

Also, I was talking about the Android mobile platform. In Chrome's incognito mode, on both Android and desktop, I do Not get any warning, nor is the URL blocked!!

If the URL is blacklisted by your product, then why is Eset not flagging it in VirusTotal URL analysis?
