Just had an e-mail alert from Symantec about Korgo.F
They have protection against this moderate threat since 2nd June.
However, Avast! doesn’t seem to protect against this, nor Korgo.C, .D, .E or .G
I have to wonder why this is.
Its probably under different name.
It’s also known as PADOBOT, but that isn’t in the Avast! database either. W32:Korgo detection stops at version C in Avast!
I’m still surprized that Avast! doesn’t seem to protect against Korgo variants above C. It’s even hit the national news:
http://news.bbc.co.uk/1/hi/technology/3776247.stm
Would somebody from Avast! care to comment?
Hi,
not from alwil but:
a) maybe the previously released avast-signatures against other KORGOs already detect what Symantec calls “F”-Variant ? the naming conventions differ significantly between different AV companies…
EDIT e.g. like it happens here: http://www.f-secure.com/v-descs/korgo_f.shtml#detect
b) alwil can’t include it until they receive a sample
c) according to your article and TREND, it’s not so widespread…
d) if you have all WindowsUpdates applied (as you ALWAYS should)
it won’t affect you…