New Little Feature

There was a new feature added to ThreatExpert reports that some researchers might find useful.

Whenever ThreatExpert comes across a filename or a threatname in a report, it will check if that name was previously mentioned in other reports.

If it was mentioned, such name will be accompanied with a link to a page that enlists any findings associated with that name:

All filenames and threat aliases are cross-referenced by MD5.

In a certain way it is similar to VGrep.

For example, searching for “Puper” and clicking its threat name inside any report will bring you to a page, where you will be able to see how other vendors are detecting the same threat (e.g. Zlob/Popuper/Vapsup), where this threat is likely to be coming from, and how many incidents were registered at threatexpert.com.

This entry was posted in Online Fraud. Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *


You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>