Friday, 30 November 2012

VirusTotal += ADMINUSLabs

Continuing the trend of engine inclusions we have just added ADMINUSLabs as a new URL scanner. In words of ADMINUSLabs itself:
ADMINUSLABS has built an incredibly robust and comprehensive binaries and malware collection and analysis set of tools, enabling organizations of all sizes to leverage the data analyzed and threats monitored to build better defense system. With clients and partners in every continent, ADMINUSLABS solutions offer industry leading technology, flexibility, cost effectiveness, and service levels.
ADMINUSLabs has shared its malicious URL dataset with VirusTotal, from now on, whenever a user submits a URL to VirusTotal for scanning it will also get checked against ADMINUSLabs' dataset and flagged as malicious if present in it. This is an example of a report with one such detection:

https://www.virustotal.com/url/0048c271f6c90bc6959c0eb91ed139692a1ec0f0f4b3328a9ad09baad010c7c2/analysis/1354276484/

ADMINUSLabs' dataset is very large and gets updated several times per day with thousands of new URLs, this is an excellent addition, many thanks and welcome on board!

VirusTotal += Malwarebytes

We welcome Malwarebytes (aka MBAM) as a new engine working at VirusTotal. Malwarebytes was first released in 2008.

VirusTotal += NANO

We welcome NANO as a new engine working at VirusTotal. NANO is a russian antivirus company that has been in the market since year 2009.

Wednesday, 28 November 2012

VirusTotal += Malekal

We are back with new inclusions in VirusTotal's URL scanning engine. This time we are excited to add Malekal's malicious URL dataset to our aggregate scanner.

Malekal is a site maintained by one of our most active VirusTotal Community users, @Malekal_morte. The site mostly deals with malware and antivirus but has support forums that help users in many other ICT fields. As a result of the support he gives and the research he conducts, Malekal comes across many malware samples an malicious URLs as we can see in his public listing (21211 documented files since March 2010 at the time of this article).

Malekal's malicious URL dataset is now being used to check whether any URL submitted by a user to VirusTotal is present in it and if so it is flagged accordingly. You should now be able to see these detections in the URL reports, just as an example:

https://www.virustotal.com/url/04d67bdebd8a74eaaac37212e35848203f55823c157aab958ad4415d1b7ba344/analysis/1354089612/

We are extremely grateful to Malekal, welcome on board!