ClamAV signatures have never caught a dridex variant for me (and they
have been around a long time). You need to head to over to Sane
Security and start using their definitions - they have perfect Zero-hour
detections for Dridex (and other Macroware viruses). You wont be
disappointed any more.
On 25/03/2016 22:06, C.D. Cochrane wrote:
Hi,
I receive a Locky-ransomware variant almost every day as an email attachment.
So far ClamAV has failed to detect it. Each file has had a unique signature.
Does ClamAV have a detection plan and/or work in progress that will start to
detect future variants of this?
thanks,
Chris
_______________________________________________
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml
_______________________________________________
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml
