I’ve just picked up a comment to a previous blog that pointed to what I presumed to be a malicious URL. We’re grateful for all such information, but for obvious reasons, we won’t approve comments that point to malicious code!
You can find information in our knowledgebase here about how to forward malware samples or false positive samples to our labs: it doesn’t specifically mention malicious URLs, but you can send those to the same address.
It’s not that we’re not willing to pass on information to the labs ourselves (and I’ve already forwarded the link), but it’s much more effective for you to send the information direct. As a case in point, it turns out that by the time I saw this comment and forwarded the link, our products had already been updated to detect this particular binary.
David Harley CISSP FBCS CITP
Director of Malware Intelligence
Author David Harley, ESET