Jump to content

Kaspersky doesnt detect zero day malware samples with bmp extension.


Recommended Posts

Posted

Hi. I am a long time kaspersky user and today i also bought kaspersky plus licence. Sometimes i play with malware in safe environment. What i noticed for a long time was that kaspersky doesnt detect tons of malware samples with bmp. extension. I sent some malware samples with bmp extension but kaspersky didnt respond back then.

When i submit these samples to other security vendors, they add detection for these files. When i scan them with kaspersky, kaspersky says no threat found. Shouldnt Kaspersky telemetry grab those files and add detection for them as well? I am curious because these samples include privateloader malware varients.

I can send the malware samples ıf it is asked. This matter bugs me a lot.

Thanks in advance.

Flood and Flood's wife
Posted (edited)
7 hours ago, Randomdude said:

I am a long time Kaspersky user and today i also bought Kaspersky plus licence.

Sometimes i play with malware in safe environment.

What i noticed for a long time was that Kaspersky doesn't detect tons of malware samples with bmp. extension.

  • (1) 👉I sent some malware samples with bmp extension but Kaspersky didn't respond back then

When i submit these samples to other security vendors, they add detection for these files.

  • (2) 👉When i scan them with Kaspersky, Kaspersky says no threat found.

Shouldn't Kaspersky telemetry grab those files and add detection for them as well? I am curious because these samples include privateloader malware variants.

I can send the malware samples ıf it is asked. This matter bugs me a lot.

Hello @Randomdude

Welcome!

First a couple of questions: 

  1. When you say: "I sent some bmp extension samples but Kaspersky did not respond" - how were those samples sent - is there a Case #, Request # or Incident reference associated with this please - please post the #? 
  2. Which Kaspersky app - option / software / tool is being used for the scan - is it (your) actual installed Kaspersky software - a scan option OR Kaspersky Threat Intelligence Portal OR something else? 

💥Do not post malware samples to the Community💥, further down is a guide for you to share the information with Kaspersky, also -> make sure you provide them with a *full explanation of the issue* & the information from the other security vendors & IF the Virus Lab reply back that the submitted data is harmless & (you) are not clear as to WHY - 💥ASK them to explain - UNTIL you are clear!!💥

Use the following steps:

  • Log a case with Kaspersky Customer Service, ask them to send it to the Virus Lab, provide the following in the submission:
  • The OS version & build?
  • The Kaspersky application name, version & patch(x)?
  • The databases update date in the Kaspersky application?
  • Any malware - zip it & protect it with a password - use either MALWARE OR INFECTED & make sure (you) tell support the password.
  • Fill in the template as follows:image.thumb.jpeg.e80adb098d91313308c0701f51733592.jpeg

 

Any questions or issues, please post back & when you get a result from the Virus Lab, please share the outcome with the Community? 

Thank you🙏
Flood🐳+🐋

Edited by Flood and Flood's wife
grammar😌

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now


×
×
  • Create New...