Author Topic: Only 3 Detect 20+ Day Old 'jQuerys' Redirecting Algorithm  (Read 3406 times)

Offline !Donovan

  • Web Analyst
  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 2219
    • The WAR Against Malware
Familiarize Yourself! | Educate Yourself! | Beautify Yourself! | Scan Yourself!
"People who say it cannot be done should not interrupt those who are doing it."

Offline Left123

  • There Is No Patch For Human Stupidity.
  • Avast Evangelist
  • Advanced Poster
  • ***
  • Posts: 1048
  • Proud Community Member&Helper.
Re: Only 3 Detect 20+ Day Old 'jQuerys' Redirecting Algorithm
« Reply #1 on: August 23, 2012, 01:24:06 AM »
Hi Don,
I don't understand what is so special about this, we've seen this a million times here.
It just generates a random domain name based on the pseudocode. It also depends on the date of the "event".
Regards,
Philip  :)
AMD Athlon(tm) X2 Dual-Core Processor 4200+ - 2.20 GHz,3,00 GB RAM -
Browser:Mozilla Firefox +WOT - SoftWare:CCleaner - Windows 7 32 bit
No Anti-Virus

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: Only 3 Detect 20+ Day Old 'jQuerys' Redirecting Algorithm
« Reply #2 on: August 23, 2012, 02:59:22 PM »
@!Donovan,

Of course it is good policy to follow up on whether detection has been added or not, and in this case it apparently has not.
Pirated or fraudulent scripts should be found and flagged. No doubt about it, and the ease with which Sucuri and you could find this means it does not take rocket science to do so.

@Left123,

With this sort of detection, I guess they have lower priority somehow; see: http://malwarebulletin.com/2012/08/03/eset/update-7352-20120803/

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline !Donovan

Re: Only 3 Detect 20+ Day Old 'jQuerys' Redirecting Algorithm
« Reply #3 on: August 23, 2012, 11:50:18 PM »
Hi all,

Regardless, a random redirect (that happens only once) should be considered, at best, suspicious.

~!Donovan

Offline polonus

Re: Only 3 Detect 20+ Day Old 'jQuerys' Redirecting Algorithm
« Reply #4 on: August 24, 2012, 12:12:17 AM »
Hi !Donovan,

I completely agree with you, and all we can do is report to virus AT avast dot com in the usual way.
Also, I ask you to read this thread about the unlikelihood of an avast solution detecting specific malware if it was not detected during the 6 days after the first detection was mentioned in VT results from other av-solutions: http://forum.avast.com/index.php?topic=103847.0
But I see you already posted there, so you are aware of that information.
It is also striking that after a 30-day period there is no longer detection in the case of a previous detection for the same av-solution, so certain detections are only meant for a particular period.
It all has to do, of course, with what is decided to be included in a next update...

polonus

Offline !Donovan

Re: Only 3 Detect 20+ Day Old 'jQuerys' Redirecting Algorithm
« Reply #5 on: August 28, 2012, 12:10:08 AM »
Another rescan gives the same 3/42..
https://www.virustotal.com/file/028544e8f041cd03c68d4e49d29d9c1d49129eb9f5515e6cdd05ab04f24615ed/analysis/1346105240/

Is there a limit to what antiviruses can do? ???

Using regular expressions to find suspect strings and going into more detail with various 'tests', it doesn't seem possible..