Hey guys,
I was doing a little research/digging of my own into the Target attacks. Just browsing the web, I came across a report from SecureWorks, hosted on Krebs' site, that goes over the attack and related variants to the attack.
On page 6 of the attached link, it gives the MD5 hashes of some of the malware used during the Target attack, i.e. 4d445b11f9cc3334a4925a7ae5ebb2b7 and 7f1e4548790e7d93611769439a8b39f2
http://krebsonsecurity.com/wp-content/uploads/2014/01/Inside-a-Targeted-Point-of-Sale-Data-Breach.pdf
(page 6 has the MD5 hashes)
I know that Sophos has access to these files, as I believe all participants in the Google VirusTotal service do, so access to these files should not be a problem.
Sorry for asking on here guys, but I have tried in the past and given up on submitting info like this to companies, as they literally ignore you unless you have some sort of service agreement purchased through them, despite the fact that these samples are related to the Target attack.
So, if anyone with better "access" to Sophos than I have could please forward this information along, it would be appreciated.
Thanks
ftballpack (Scott)
P.S. Sorry for posting this here guys, I have no idea how else to pass this info along to Sophos labs.
Edit: It appears that Sophos has a write-up on one of the files, and it would stand to reason that Sophos detects both but that VirusTotal is just throwing an error. I will just assume at this point that Sophos detects them both.