Friday, 3 May 2013

VirusTotal += CyberCrime botnet panels tracker

Xylitol has been extremely kind in letting us enrich VirusTotal's URL scanner with his CyberCrime tracker. CyberCrime is a C&C panel tracker, in other words, it lists the administration interfaces of certain in-the-wild botnets. As such, its URL database is inherently smaller than other datasets integrated in VirusTotal.

Nonetheless, one should not neglect the usefulness of this tracker, very often other malware-related infrastructure will be located in the same host as the botnet administration panel, hence, it can prove itself very useful in finding evil.

https://www.virustotal.com/en/url/ba1cee3c6a157232ac8a61b17ff07694acc970e1bae9ced5c9ef2bfc56ae6ea1/analysis/1367596300/

Thank you Xylitol! Keep up the good work!

VirusTotal += Virus Tracker

Just after Kaspersky joining VirusTotal's aggregate URL scanner, we are excited to announce that Virus Tracker is also becoming part of our family:

https://www.virustotal.com/en/url/82ddbb7eea25e7ce2ca13aed44cac009d9ff6c463e763d22b8b2043f20bd8a52/analysis/1367576071/

Virus Tracker is a service whose mission:
is to provide detailed infection statistics, C&C information and an automatically updated domain blocklist of various botnets to the security community.
The site is non-profit and focuses on banking trojans and financial malware, some of the botnets they track are: multibanker, sinowal, tinybanker, urlzone, zeus, ramnit, etc. This is fantastic news for the average end-user, since they will have a better view of the most perilous threats directly targeting their money.

Yet another URL scanner, one more and we will be in the forties, thank you Virus Tracker team!