AL, I am seeing lots of different version of ransomware .js downloaders (telescript, locky, and many others and variants) for which I have been feeding the CalmAV team and creating sigs pushed out as winnow sigs in Steve’s feed. I can tell you that all that I have and am feeding have not been detected by ClamAV when I detected them.
> On Mar 15, 2016, at 2:15 PM, Al Varnell <alvarn...@mac.com> wrote: > > That’s the KeRanger ransomeware which we dealt with last weekend. Not > related to Teslacrypt AFAIK. > > -Al- > > On Tue, Mar 15, 2016 at 10:45 AM, Dennis Peterson wrote: >> >> Already in the wild. >> >> http://www.foxnews.com/tech/2016/03/07/new-mac-os-x-ransomware-targets-apple-users.html > _______________________________________________ > Help us build a comprehensive ClamAV guide: > https://github.com/vrtadmin/clamav-faq > > http://www.clamav.net/contact.html#ml
signature.asc
Description: Message signed with OpenPGP using GPGMail
_______________________________________________ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
