To report a botnet PRIVATELY please email: [EMAIL PROTECTED] ---------- -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Georg Wicherski <[EMAIL PROTECTED]> wrote: >Cyrus Grissom wrote: >> 3. There's really no compelling need to click the "Do not >> distribute to antivirus companies" button. Chances are that if >> you're submitting to VT anyway, your desire or hope is that it >is >> detected, or will be in the near future. If your desire is for >AV >> companies to not detect your sample, you're probably not going >to >> send it to VT anyway. And don't worry, you're not going to get >in >> trouble for submitting a virus to VT. AV companies are not >going >> to track you down for submitting to VT. > > >VirusTotal has been proven to submit to AV vendors anyway, >regardless >what you select. This was proven with a 0day proof of concept >code, only >submitted to virus total and later being detected by several AV >companies which wouldn't have detected it two weeks before (and >yes, no >generic signatures). People are mumbling, VT get's paid for >samples, anyway... I can't speak as to whether or not VT submits your samples to AV vendors even if you do choose the "Do not distribute to antivirus companies" option, it's not something that I can prove or disprove. The same goes for "VT get's paid for samples", not something that I can prove or disprove (although I highly doubt that one). But I would suspect that the samples that VT sends to AV vendors, makes up a very small % of the total samples AV vendors receive. And to imply that the only way AV vendors were able to get their hands on a 0day is via VT, is just being naive (unless you wrote the 0day yourself and submitted it yourself and nobody else knew about it, not an easy one to prove...and probably not something you'd want to prove cause you'd be labeled an idiot.) And like Kaspersky doesn't have connections to the underground, (saying this in my best California valley girl voice) "Whateverrrrr". AV vendors have 100's of sources for obtaining samples, not to mention that the good ones will go out on their own and actively look for samples that they do not currently detect. Cyrus Grissom -----BEGIN PGP SIGNATURE----- Note: This signature can be verified at https://www.hushtools.com/verify Version: Hush 2.5 wkYEARECAAYFAkRK1rYACgkQUZmP8t5Ad2N5PQCgr5u/Crn+Lq6TSVYjKUXqatc92rEA n0CFCmo6O9Bz8kT5JFPwdmhPW85t =Ja3F -----END PGP SIGNATURE----- _______________________________________________ To report a botnet PRIVATELY please email: [EMAIL PROTECTED] All list and server information are public and available to law enforcement upon request. http://www.whitestar.linuxbox.org/mailman/listinfo/botnets
