Hi Mike
recently Geodo was doing this in Switzerland. Direct your customers to https://www.swiss-isa.ch/en/security-check/
and ask them to go through the check. There is a "second opinion" scanner in the test, which detects and cleans a lot of stuff AV does not yet see.
Could you send me one of the exe's? I'd like to run them through our analysis system.
Cheers Serge
On 16.4.15 16:54 , Mike Kellenberger wrote:
Hi all
I've been contacted by a couple of customers which caught a new virus in the last few days, sent by e-mail in a .zip file containing an .exe. (yes, there are still people out there who open these kind of attachments if they come from a known address)
The .zip file passes our AV on the mailserver (Kaspersky) as well as our desktop AV (Symantec) with the newest definitions.
Once infected, it spreads via e-mail (probably through the outlook e-mail profile, it authenticates nicely against our mailserver anyway) blasting out hundreds of mails in a single short session only to sleep again until the next day...
Has anybody else seen this? Is there a name or details or cure fo it yet?
Regards,
Mike