I appreciate that #virustotal gives you a free API key, but the limitations on looking up files are seriously frustrating. One file every 15 seconds?

Call me crazy, but for their purposes, wouldn't it be beneficial to have a higher limit?

Also, does anyone know of a virus scanning website with a higher rate API?

It's been a while since I've found a need to do this, and I assume tools have changed a bit, so some #FediHelp would be appreciated...

What is the most accurate way to find existing #DomainNames, or more specifically, #SubDomains, where I already know the #TLD?

#VirusTotal allows me to drill down from the main serving IP address to get to the #ASN - then reference the "Relations" tab for passive #DNS replication -BUT- I suspect the list may only be partially complete and/or 'outdated'.

Impersonation, Click Hijacking, and TDS: Inside a Malware Distribution Ecosystem

A large-scale operation impersonates open-source and freeware projects to capture search traffic, targeting tools such as Ghidra, dnSpy, and SpiderFoot. The professionally designed sites load CloudFront-hosted JavaScript that converts download button clicks into handoffs to a Traffic Distribution System (TDS), which enforces strict gating including first-visit state, click confirmation, anti-bot logic, VPN filtering, and frequency capping. The ecosystem appears primarily built for traffic acquisition and monetization using legitimate ad-tech, but downstream redirect chains repeatedly led selected users to malware delivery infrastructure. The observed payloads include SessionGate (a multi-stage loader with heavy obfuscation delivering potentially unwanted applications), RemusStealer (an infostealer targeting over 20 browsers and hundreds of extensions), and AnimateClipper (a cryptocurrency clipper supporting 20+ blockchain ecosystems). Over 5,000 VirusTotal submissions indicate substantial reach across the ...

Pulse ID: 6a20679f5ade869dcb4bf6b5
Pulse Link: https://otx.alienvault.com/pulse/6a20679f5ade869dcb4bf6b5
Pulse Author: AlienVault
Created: 2026-06-03 17:42:55

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#BlockChain #Browser #Cloud #CyberSecurity #DNS #InfoSec #InfoStealer #Java #JavaScript #Malware #Nim #OTX #OpenThreatExchange #RAT #RCE #Rust #VPN #VirusTotal #bot #cryptocurrency #AlienVault

LevelBlue - Open Threat Exchange

Learn about the latest cyber threats. Research, collaborate, and share threat intelligence in real time. Protect yourself and the community against today's emerging threats.

LevelBlue Open Threat Exchange

Operation FlutterBridge: macOS Malvertising Campaign Spreads New FlutterShell Backdoor

A financially-motivated cybercrime cluster designated CL-CRI-1089 has launched Operation FlutterBridge, deploying FlutterShell backdoor malware targeting macOS systems through malvertising. Built with the Flutter framework, FlutterShell masquerades as legitimate applications including podcast players and PDF viewers, delivering adware with full backdoor capabilities such as shell command execution and file system manipulation. The malware uses a WebView-based architecture with JavaScript-to-native bridge, allowing attackers to dynamically modify behavior without recompiling. Distribution occurs through hundreds of Google-verified advertisements controlled by shell companies including AdsParkPro LTD and Advantage Web Marketing LLC. The campaign primarily targets Anglophone and Western European markets. All samples were signed with valid Apple Developer IDs and successfully passed notarization, achieving zero detections on VirusTotal initially. The malware hijacks Google Chrome browsers, redirecting traffic ...

Pulse ID: 6a1ee9cdd897e06c7cac14d9
Pulse Link: https://otx.alienvault.com/pulse/6a1ee9cdd897e06c7cac14d9
Pulse Author: AlienVault
Created: 2026-06-02 14:33:49

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#BackDoor #Browser #Chrome #CyberCrime #CyberSecurity #Europe #Google #InfoSec #Java #JavaScript #Mac #MacOS #Malvertising #Malware #OTX #OpenThreatExchange #PDF #RAT #Rust #Troll #VirusTotal #WesternEurope #bot #AlienVault

@virustotal maybe it's worth looking into increasing free quota based on quality of reports. If a source reports a lot of malware with unique signatures then perhaps you don't want to enforce the default quota and miss out on reports (on days where the source is busy).

I bet you already have some sort of usefulness score for sources anyway?!

#infosec #dfir #security #cybersecurity #virustotal

🔥 TRENDING

📢 VirusTotal APK Virus Detection Statistics 20220101-20220831

🔗 https://blog.trustlook.com/virustotal-apk-bing-du-jian-ce-tong-ji-202201-202208/

#Virustotal #GlobalFeed #News #EN

Automatically posted by Global Feed Bot

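VirusTotal APK Virus Detection Statistics 20220101-20220831

VirusTotal (VT for short) is a Google-owned website that provides a free suspicious-file scanning service. More than 50 antivirus engines on VT provide real-time scanning. Every day we collect the APK samples that users upload to VT together with each engine's scan results, filter out tens of thousands of benign and malicious samples using a conservative strategy, and then compile each engine's virus detection results. Each day we generate a CSV file containing every vendor's detection data. The file lists each sample's MD5 hash, its label (0 marks a benign sample, 1 marks a malicious sample), and each vendor's detection result (0 means detected as benign, 1 means detected as malicious). The CSV files are packaged and uploaded to Amazon AWS S3. Interested readers can download them to check each antivirus engine's detection results. The download link for the detection results is: https://virustotal-results.s3-us-west-1.amazonaws.com/VirusTotal_Results_20220101_20220831.zip The table below lists the statistics for each antivirus engine; the columns have the following meanings: * Vendor: name of the antivirus engine vendor * TPR: True Positive Rate,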

Trustlook blog

The virus swatter has once again caught one that the spam filter didn't have on its radar. 13 of 63 scanners at #Virustotal knew the checksum. It pays off again and again to have multiple "lines of defense".

How does it work on my end? Several filters run in Procmail, one of which uses a Python script to check the checksums of the attachments individually against Virustotal. That way the actual data stays confidential, and with 50+ scanners there it is considerably faster than with a single local one.
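
An added example, not the poster's script, of the check described in the post above: it hashes each attachment and sends only the SHA-256 to the VirusTotal v3 file endpoint. The function names, the 15-second pause (taken from the rate limit quoted earlier in this feed), the detection threshold and the sample message are assumptions.

```python
import hashlib
import json
import time
from email import message_from_bytes, policy
from email.message import EmailMessage
from urllib import error, request

VT_FILE_URL = "https://www.virustotal.com/api/v3/files/{}"  # VirusTotal API v3 file report
MIN_INTERVAL = 15.0  # seconds between lookups: the free-key pace quoted in this feed

def attachment_hashes(raw_mail):
    """Map attachment filename -> SHA-256 of its decoded bytes (only hashes leave the host)."""
    msg = message_from_bytes(raw_mail, policy=policy.default)
    return {part.get_filename() or "unnamed":
            hashlib.sha256(part.get_payload(decode=True) or b"").hexdigest()
            for part in msg.iter_attachments()}

def vt_lookup(sha256, api_key):
    """Fetch the report for one hash; None means VirusTotal has no record of it (HTTP 404)."""
    req = request.Request(VT_FILE_URL.format(sha256), headers={"x-apikey": api_key})
    try:
        with request.urlopen(req, timeout=30) as resp:
            return json.load(resp)
    except error.HTTPError as err:
        if err.code == 404:
            return None
        raise

def check_mail(raw_mail, lookup, threshold=1, sleep=time.sleep):
    """Return {filename: 'malicious' | 'clean' | 'unknown'}; lookup(sha256) -> report or None."""
    verdicts = {}
    for i, (name, digest) in enumerate(attachment_hashes(raw_mail).items()):
        if i:
            sleep(MIN_INTERVAL)  # pace requests to stay under the per-key rate limit
        report = lookup(digest)
        if report is None:
            verdicts[name] = "unknown"  # hash never submitted: not evidence of safety
            continue
        stats = report["data"]["attributes"]["last_analysis_stats"]
        verdicts[name] = "malicious" if stats.get("malicious", 0) >= threshold else "clean"
    return verdicts

def build_sample_mail():
    """Constructed two-attachment message so the example runs offline (not real mail)."""
    m = EmailMessage()
    m.set_content("see attached")
    for name, data in (("invoice.exe", b"constructed sample A"), ("notes.bin", b"constructed sample B")):
        m.add_attachment(data, maintype="application", subtype="octet-stream", filename=name)
    return m.as_bytes()
```

In a mail filter the message would arrive on standard input, so the call becomes `check_mail(sys.stdin.buffer.read(), lambda h: vt_lookup(h, api_key))`. An "unknown" verdict deserves its own handling, since a file nobody has submitted yet produces no detections at all.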
