Kaspersky doesnt detect zero day malware samples with bmp extension.

[Randomdude]

Hi. I am a long time kaspersky user and today i also bought kaspersky plus licence. Sometimes i play with malware in safe environment. What i noticed for a long time was that kaspersky doesnt detect tons of malware samples with bmp. extension. I sent some malware samples with bmp extension but kaspersky didnt respond back then.

When i submit these samples to other security vendors, they add detection for these files. When i scan them with kaspersky, kaspersky says no threat found. Shouldnt Kaspersky telemetry grab those files and add detection for them as well? I am curious because these samples include privateloader malware varients.

I can send the malware samples ıf it is asked. This matter bugs me a lot.

Thanks in advance.

[Flood and Flood's wife]

7 hours ago, Randomdude said:

I am a long time Kaspersky user and today i also bought Kaspersky plus licence.

Sometimes i play with malware in safe environment.

What i noticed for a long time was that Kaspersky doesn't detect tons of malware samples with bmp. extension.

• (1) 👉I sent some malware samples with bmp extension but Kaspersky didn't respond back then. 

When i submit these samples to other security vendors, they add detection for these files.

• (2) 👉When i scan them with Kaspersky, Kaspersky says no threat found.

Shouldn't Kaspersky telemetry grab those files and add detection for them as well? I am curious because these samples include privateloader malware variants.

I can send the malware samples ıf it is asked. This matter bugs me a lot.

Hello @Randomdude, 

Welcome!

First a couple of questions: 

1. When you say: "I sent some bmp extension samples but Kaspersky did not respond" - how were those samples sent - is there a Case #, Request # or Incident reference associated with this please - please post the #? 
2. Which Kaspersky app - option / software / tool is being used for the scan - is it (your) actual installed Kaspersky software - a scan option OR Kaspersky Threat Intelligence Portal OR something else? 

💥Do not post malware samples to the Community💥, further down is a guide for you to share the information with Kaspersky, also -> make sure you provide them with a *full explanation of the issue* & the information from the other security vendors & IF the Virus Lab reply back that the submitted data is harmless & (you) are not clear as to WHY - 💥ASK them to explain - UNTIL you are clear!!💥

Use the following steps:

• Log a case with Kaspersky Customer Service, ask them to send it to the Virus Lab, provide the following in the submission:
• The OS version & build?
• The Kaspersky application name, version & patch(x)?
• The databases update date in the Kaspersky application?
• Any malware - zip it & protect it with a password - use either MALWARE OR INFECTED & make sure (you) tell support the password.
• Fill in the template as follows:

 

Any questions or issues, please post back & when you get a result from the Virus Lab, please share the outcome with the Community? 

Thank you🙏
Flood🐳+🐋

Edited October 15, 2023 by Flood and Flood's wife
grammar😌