Why avast don't detect phishing page file ?

system · September 16, 2010, 6:15pm

Example:

Fhishing site: hxxp://bradescohome-ru.1gb.ru/log/site/perfil/index.php

VirusTotal (browsers): http://www.virustotal.com/url-scan/report.html?id=7ced66fcaa88f82e04545ec23fcb5680-1284580727

VirusTotal (only Avira detection): http://www.virustotal.com/file-scan/report.html?id=839d18035736cc6e412bea74cf9d671721f3ffaf83b18d78e8726656fd6af9d0-1284587931

???

polonus · September 16, 2010, 6:35pm

Hi Henrique - RJ,

Phishing sites is not a main field for av solutions, but I agree with you that it should be found up by the avast shield, it is found up by WOT and Norton Safe Web as you see here: http://www.urlvoid.com/scan/bradescohome-ru.1gb.ru
Phishing Attacks (

Threats found: 1
Here is a complete list:
Location: htxp://bradescohome-ru.1gb.ru/log/site/perfil/index.php

The developers on the avast shield work fast because I have detection now for it as “Avast has blocked a malicious site” and an advice to visit this community portal, so thank yourself for reporting, it works,

polonus

DavidR · September 16, 2010, 6:49pm

WOT doesn’t like the 1gb.ru domain either http://www.mywot.com/en/scorecard/1gb.ru. Nor the first one you gave http://www.mywot.com/en/scorecard/bradescohome-ru.1gb.ru.

system · September 16, 2010, 6:59pm

But why Avira and others it detects ?

system · September 25, 2010, 11:33am

a team member might respond ?

system · September 26, 2010, 12:27pm

Yeah…even firefox block this site. Maybe it’s not concern for AV products, but it’s must on Internet Security. Please make some improvement avast team…there are many problem/bugs in avast 5 i found.

system · September 26, 2010, 12:30pm

should absolutely be detected and at least blocked by the network shield, and OFC it’s up to Avast to take care of that : In the meantime Chrome blocks it.

Sirmer · September 26, 2010, 12:39pm

Hello,
it will be detected in next VPS.
Best Regards
Jan Sirmer

system · September 26, 2010, 12:45pm

nice thanks

system · September 26, 2010, 1:12pm

Very nice…thank’s avast team! Please have concern for blocking a keylogger software and their site…

system · September 26, 2010, 1:16pm

Very nice…thank’s avast team! Please have concern too for blocking a keylogger software and their site.

system · September 26, 2010, 4:10pm

Please

I would like to see is avast detect the php file and not the url (similar in detection of avira).

This would serve to prevent the cracker hosts the same php on another server with another url.

Thanks

EDIT.:

Another example:

Phishing site: hxxp://www.lojadakatia.com.br/Scripts/recadastro/scripts/ib2k1.dll/perfil/

VirusTotal: http://www.virustotal.com/file-scan/report.html?id=9b9c8b026dea7ef28604263bdefadf7024af8ea5a30779d4de9495afce49a28f-1285519626

Sirmer · September 26, 2010, 6:51pm

Hello,
thanks for samples. the last one will be block in next VPS (tommorow,becouse today’s 1 is released at this moment)
Best regards
Jan Sirmer

system · September 26, 2010, 8:20pm

But avast will detect only the url or the page file too ?

Sirmer · September 26, 2010, 8:43pm

just a url at this moment.

Why avast don't detect phishing page file ?

Announcements