Back to Top

Friday, January 04, 2008

Sunbelt is using Symantec in-house

This is quite old (it has been sitting in my to-do list for a while) but still fun:

What can screenshots reveal about your company? This blog posting from the Sunbelt blog from Friday, November 16, 2007 entitled Some new twists in the Storm worm contains the screenshot which can be seen below with the obfuscated javascript code:

stormworm1238888

When I looked at the screenshot I saw the peculiar structure towards the top of the page (the first "script" block) and did some searching around. It turns out that this structure is added by ad-blocking code present in some Symantec products as documented on their website. This means that probably whoever made the screenshot at Sunbelt was using Symantec's AV on their system. Interesting to know :-).

0 comments:

Post a Comment

You can use some HTML tags, such as <b>, <i>, <a>. Comments are moderated, so there will be a delay until the comment appears. However if you comment, I follow.