Archive for Asprox

False positive alerts

Posted in Malware, Security with tags , , on February 5, 2009 by Xacker

Dean Edwards JavaScript Packer tool has been causing alot of false positive alerts with AV products lately, since it has been used by some malware to override and skip web scanners.

An example of such use is Asprox, a trojan that starts a spam botnet and launchs SQL injection attacks from infected machines on URLs collected by searching Google for ASP websites.

If you are a webmaster/designer/coder, be sure that you don’t use any of the blacklisted packers out there to protect your sourcecode for obvious reasons